Cisco Switching/Routing :: 2224TP / Servers With Dual NICs Connected To Separate FEXs
Mar 26, 2012
Our current topology is a single N7K with two 48port 10Gb F2 linecards and FEX 2224TP in the server racks. In a few of the racks that house important servers, we have placed dual FEX 2224's. Each FEX has 2 10Gb links back to the N7k (each link on a separate LC). I've tried to create a port-channel for the important servers in such a way that each NIC on the server is connected to a separate FEX - but its failing (simple drawing attached). I've read multiple posts saying this is possible, and others that say its not. I've also submitted a TAC case and have been told it's impossible to port-channel interfaces on separate FEXs connected to a single N7k - but I find this an impossible limitation and want to verify it's actually right. Is this really a limitation?
Server 2008 has two Nics one connected to outside switch and has internet, other Nic is connected to local siwtches which has 20 systems connected locally but does not have internet. Local systems were getting IP from server, but there was not internet on the lan systems, I restarted the server and local systems lost IP address. earlier everyting was fine.
I would like to make a design with 4 Nexus 5596UP. 2 of them equipped with Layer 3 Expansion Module so they can serve as core layer and the other 2 Nexus used as Layer 2 for aggregation server layer.The 2 Nexus in the core layer will run HSRP and will peer with ISP via BGP for Internet connection The 2 Nexus in the aggregation layer will be configured as layer 2 device and have FEX and switches connected to them.What I am ensure of is how the vpc and port-channel configuration should look like between the 4 nexus. What I was thinking is to run vpc between the 2 Nexus in the aggregation layer and between the 2 Nexus in the core layer. Than I was thinking of connecting each Nexus in the aggragtion layer to both Nexus in the core layer using port-channel and vice-versa.
I am planning the following network setup.Get a server with 2 NICs, a router and a switch ,1st NIC is connected to Internet2nd NIC is connected to a router,A router is connected to a switch,All the client workstation are connected to Switch to access the server.I believe with this setup all my client workstations can browse the internet on their local machine via server.
My Data Center has one single core switch where is connected several servers, one port is the link to the router wan and other port is the link to the FW, my boss wants to install 2 nexus in order to replace the single switch. All my network has only one address, for example 192.168.10.0/24 if I connect two nexus 7010 in VPC and Domain, each nexus is going to has 2 modules with 48 port 10/100/1000 rj45 and i wan to connect servers directly to each nexus, with this figure i'm going to have a group of servers connected in two different nexus, Do they can have the same network 192.168.10.0/24 considering that the nexus are in the same vdc and vlan and have only one gateway for both groups? If the answer is positive, which nexus would be the gate way for that address, the primary or secondary? Or i must have a different address for both group of servers, i mean for example 192.168.10.0/24 and 192.168.12.0/24?thus each nexus would be the gateway for that new address?
To have two nexus connected by VPC in a Domain mean that one computer connected to one nexus can share the same address or vlan with other computer connected to the other nexus????
i am trying to use windows server 2008 R2 as a host machine, and i will be using windows server 2008 R2, and windows server 2008 serverCoreR2 as guest virtual machines. I have two NICs on my computer, and my computer has the memory, the hard drive space, and the cpu to handal this.
Ok so even though this isn't really needed, it's for a 10 user office I have two tower servers with dual nics but not the same brand (just bought a cheapy gigabit startech) to go with intel on board nic. Also my switch is also gigabit which is a trendnet teg-s24dg which does not support link aggregration.
But since I have two nics and both servers are running win2008 enterprise I want to use the other nics for throughput if possible. So to give an idea servers are doing DC/AD and fileserver DFS rep. If I turn one off the other picks up and network still functions (there is a small lag since dns has to pick up that other is not responding. So far the best I can think I can do with the extra nic is add ip's to second nics and add to dns and round robin or install NLB role to for two server cluster.
I can't really team them since they are two different brands, so what would you do or do you suggest I can do with them. Also I have a T1 and dsl going into a dual wan firewall dsl is not being used for anything. (might use it for a seperate wifi network if people need it.
Does Cisco MSE 3350 comes with two NICs. I want to configure them as a team bound to one IP address and send each to a separate 6509 switchport all in the name of redundancy and failover.
I'm trying to setup a server with two nics, one of which is connected to the network, and the other connected to a NAS via crossover. I've never done anything with subnetting, but I was thinking I could just set the main nic to 192.168.10.20 with a subnet of 255.255.255.0 and the other to 192.168.10.250 with a subnet of 255.255.255.240 and the nas nic set to 192.168.10.251
Am I thinking through this right, or is there a better way to do this?
WE got our ESXi servers recently moved from a 6513 to nexus 2000 FEXs uplinked to a nexus 5000s basically we have enhanced vPC and nics goin to 2 different FEXs and they uplink to 2 nexus 5000.
the Vswitch for VMs is setup in a VPC. Question is do the traffic from each vm going in/out of these nics in a vpc actually use both physical links? How can i tell from the switch?
I wanted to ask a question about the diagram I have included. We are bringing up 2 MPLS WAN connections and would like some specifics on the best design. We are using BGP to the providers. From there we have big questions. We can run BGP internal and are licensed to do so on the N5K's. The N5Ks are currently using HSRP for inside LAN clients as default gateway. We want to load balance and provide redundant routes using a dynamic approach. Should we use BGP internal utilizing the connections between the routers? Should we use HSRP on the routers? How best to get the routes to the N5K and should we be considering this?
On C6500 series I have to create a separate community to send a SNMP trafic for a couple of gig interfaces.The user that will collect these informations has a Monitoring server and is only interested in monitoring traffic on those link and maybe pps.
I understood to create a an ACL pointing to his IP of the server, and that create a community and associate this access list with that community. Those commands I have, but I need to send the user the MIBs or other relevant info on how to collect and forbid everything else but thos interfaces.Do I need to give the SNMP HOST command and associate with this community after that.
We are thinking of following classic design, would Nexus 5K can have 2 seperate connections to each VDC? Nexus 7K w/ different VDC (Internal / DMZ ) Can Nexus 5K have a VPC connection to Nexus 7K to Internal VDC as well as DMZ VDC, and seperate traffic?
We have two switches; a WS-C3550-48 and a WS-C3548-XL connected via fiber uplink ports. Both switches are on the same subnet 192.168.1.0 /24. I would like to change the subnet of the second switch, WS-C3548-XL, to be on 192.168.2.0 /24. Would it be possible to assign 192.168.2.x IP addresses to both uplink ports to achive this?
Or would I need to create a separate VLAN and assign both GigabitEthernet0/1 uplink ports to this VLAN?
I've just started out playing with a Cisco 1800 router to gain some knowledge of Cisco devices before taking a CCNA. I also have a 2950 switch but will start with the router.
I'm using an Android phone as a wireless Internet access point. This issues IP addresses by DHCP in the 192.168.43.x range with 255.255.255.0 subnet.
Also I have a Linksys WRT54G router running DD-WRT firmware acting as a wireless bridge to the Android phone, and it has 4 LAN ports.
This bridge is up and running and I have successfully connected my laptop to the Linksys for testing and can use the Internet provided by the phone.
Connected to the Linksys is a Cisco 1800 router. Connected to the router is my Citrix XenServer PC and a NAS box.
The XenServer and NAS are on another network 07.05.19.x range with 255.0.0.0 subnet using their own static IPs. One of the virtual clients on the XenServer will be a DHCP server to service other virtual clients. All still in the 07.05.19.x range.
Basically I want the devices on the 07.05.19.x IP range to be able to use the Internet gateway at 192.168.43.1 to access the Internet.
How would I set up my 1800 to achieve this?
Also, am I right in understanding that the 1800 will ignore DHCP leases from the Android phone due to it being a Layer 3 device.
i am first time to trying to make Vlans. I managed to do 2 vlans to SA520 to ports 1 and 2. But when i try to separatethem to SG300 with web management it doesnt work. Vlan 1 works fine, i untagged wanted ports and forbid vlan 2 ports.In Vlan 2 there vice versa, is this right way to do? Both Vlans has their own DHCP range as i do them to SA520.
Currently we have an Ava ya IP Office switch running on the same network as our PC clients. I would like to seperate the two network into 2 V LAN's.
We have a mixture of Catalyst 3750 switches and some older 3500 models.Where do I start? Should I leave the PC's and servers on the default V LAN and just move the IP handsets?
I have to configure failover Active/Standby on my ASA 5510.I am wondering how i could do for the outside interface, i mean, actually the ASA1 outside interface is linked directly to our Internet router.So now if i have to add ASA2 connecting to that router i will need a switch between them.I have already a switch for DMZ & LAN.The thing is that i will have to allow 3 switchs ports to communicate with each others.
- 1 for ASA1--outside - 1 for ASA2--outside - 1 for Internet router
How could i isolate these 3 ports to make them communicate alone ? Should i use VLAN for that ?And if i use VLAN, will this require to make any change of configuration on my firewalls (ASA1 & ASA2) outside interface ?I am a bit lost with this, if i am correct i will not have to do some "vlan tagging" on the firewall itself ?
We were going to create a 2 port, layer 3 etherchannel between a 1002 router and a 3750X layer 3 core switch. We wanted to create bunled link between them but, now we are going to be putting a Riverbed device between the router and core switch. Because of this, would it be best to abandon the idea of creating a layer 3 etherchannel and just have 2 links from the router and core switch and have traffic load balance between the 2 links?The Riverbed will have 2 connections into it from the Core switch and 2 connections into it from the 1002 router. I was hoping to keep the layer 3 etherchannel but, do you think it would be best to create 2, /29 nets and have the router/Riverbed and Core Switch/Riverbed load balance.
As I understand Cisco Catalyst 3750-x supports stackwise and stackpower technology.Do I need to purchase a seperate module to enable stackwise and stackpower? Or are stackwise and stackpower modules included be default on the switch already?
I have an issue with a Cisco 3750 switch stack which is connected to two seperate upstream Cisco 3750's which are administered by an ISP. The ISP is experiencing MAC address flapping from one of my VLAN SVI's i am using to route traffic upstream
[code]...
As you can see I utilise a VLAN SVI to route traffic to the upstream 1.1.1.2 (illustration only) IP. As per the diagram of the topology attached, the ISP is receiving a MAC address flapping error confirming the SVI MAC address from my switch stack is being learnt on the trunk port connecting switch 1 and switch 2, and also the port (Gi1/0/48) directly connected to my switch stack. As these are all Layer 2 links essentially being passed upstream and then connected between the two ISP switches, we have a 3 way triangular loop formed.
If I was to remove the port channel configuration from the two ports associated with the VLAN SVI, am i right in suggesting this would still form a layer 2 loop? The two ports would still be a member of the SVI VLAN, and it is the VLAN MAC address which is being learnt by the two ISP switches on different interfaces.
The Voip pbx resides on a seperate lan, not connected to the ASA. Users from behind the ASA (inside) try to connect to the VOIP pbx using a soft phone. The Voip connection is established, however users cannot here conversations on either end.Im assuming this is possibly a Sip and Pat issue? The ASA firewall is using a seperate Global IP for PAT. Also I have opened ports on the outside interface for SIP udp 8081, 2088,16000-16010 and 15000-15511. I have both SIP and H323 h225 inspection in place as well.
I want to route traffic from nic 2(192.168.2.1) to nic 1(192.168.1.1). In lame terms route the traffic from 192.168.2.10(gateway 192.168.2.1) to 192.168.135(192.168.1.1). I know how to use the route command in CMD. So how would I get the traffic from 192.168.2.10 to 192.168.1.135? I'm just not sure how I would do that with the route command. I've tried
Code:
route -p add 192.168.1.135 mask 255.255.255.0 192.168.1.1 IF 12
Also tried like 5 different ways The IF 12 is my NIC 2.
So i have a server with an internet nic and lan nic. The internet nic gets its IP from the router 192.168.1.7 the lan nic uses DHCP for the network and has 172.16.1.1. I just turned on the ftp service and it works fine in the lan side but cant reach it from the ISP side. I use a dynamic dns host which is monitoring my internet ip and is correct.
Start: 192.168.5.9 > 192.168.5.5 (NIC 1) - 10.14.137.130 (NIC 2) > 10.14.137.128So the question is how do i get traffic from Machine A to Machine C. I've tried various 'Route ADD' cmds but no luck so far. So was hoping someone out there could shed some light for me?Machine B is a AD/DNS and can talk to the entire 10.14.137.x range but has no forwarders set up in DNS. And does not act as a AD/DNS server for the 10.14.137.x range. It fills these roles only for the 192.1668.5.x range.
I have a cisco 2851 router as the edge router, I have a 3750G and a 3560G switch and configured intervlan routing with four vlans, also connected to the switches a four servers and one has active directory and a dns server.i am able to ping from all te servers fine from different vlans and the servers are able to ping the edge router. the problem I am having is with DNS, in the edge router i have configured the isp's dns server address in ip name-server and i am able to reach the outside world.
the problem im having is the servers are not able to reach the outside, do i need to do something in the edge router to forward it to the 3750g or do i have to add my isp's dns servers on the 3750g with ip name-server.
we have tried to use the Cisco Hierarchical model as close as possible. we now have the need for 10 gig servers. we have a 7k, 5k, 6500, and 2960's in our network. we have some open 10 gig ports on our 5k. where is the best place to connect the 10gig servers. or is there a more preferred way to connect these new servers?a 10 gig blade for the 6500, the new 6001 switch?
We have 2 nexus 5K installed in our data centre recently and we are connecting new three servers to nexus switches. Each server has 2 10GB ports . 1 port of serverA is connected 5K1 and other port is connected 5K2 ( sameway other 2 server connected to Neuxs 5K1 and 5K2 Switches).So do we need to create each VPC with Portchannel (like VPC 1,2 and 3 ) for each server connection?
At home I have a Cisco 877 router, I also have Optus Cable internet and Telstra Business Direct DSL. I have configured the ATM interface for the Telstra DSL connection through the onboard DSL interface. I have also configured Fast Ethernet port 0 as a vlan2 port, which is configured for use with the Optus Cable internet (this is connected through an Optus Netgear CG3000 router). The Nethgear has DHCP enabled (192.168.0.xxx range), as does my Cisco 877 (10.0.0.xxx range).Firstly, the Telstra Business DSL is due to be connected tomorrow between 9am and 1pm, so it is not physically connected as yet.From my laptop connected to fa3 and using Console connection, I can ping all of the 192.168.0.xxx addresses that exist, as well as my own laptop and a VoIP phone I have connected to fa2 (laptop is 10.0.0.100, VoIP phone is 10.0.0.101 both DHCP assigned, not MAC Reserved either).I can use internet explorer on my laptop to connect to the Netgear router, but no other internet pages. I also cannot connect to my Fuji-Xerox printer at 192.168.0.20 through the web browser, yet I can ping it from the router.I don't have a huge experience with Cisco as yet, and everything I have learnt has been basically self tought. I am looking into doing my CCNA, once I achieve enough funds Now, what I am trying to achieve ideally is, to combine both the Cable and DSL services to in effect double my speed? if this isnt available, a load-balancing type of scenario would also be good. Both DSL plans have a 500gb download limit, but the reason I needed the Telstra DSL is the VoIP phones I am using won't connect through Optus (Optus have locked nearly everything out), and Optus will not give me a STATIC IP address with the Cable, whereas I have on on the Telstra DSL, I would like to Remote Desktop into my main PC eventually.
The IOS on my router is: C870 Software (C870-ADVIPSERVICESK9-M), Version 12.4(6)T7 The Optus Cable Modem IP is 192.168.0.1, the Cisco 877 router IP is 10.0.0.1
The current config (complete, with username & passwords ### out) is below: (Bear in mind there's probably many things thats not needed.Once I get the router working, I will configure my 2960 switch and have all devices connected through this. All devices on my network do not need to stay in the 192 range, they can be 10.0.0.xxx. The DHCP could be disabled on the Netgear (Cable Modem) if that's required as well.
I would like to ask if there are dual WAN router models on ISR G2. The client doesn't want the RV042G. Any model from the 890 series up to the 2900 series ISR G2 routers? The connection from the ISP is via Ethernet. If a serial connection would be used then we can just add an HWIC-2T for this matter.
I have recently implimented an RV016 device into our network. We have a bonded T1 service with Paetec/Windstream (5 static IPs) and also a cable connection with Comcast (no static IP). The T1 has been our primary connection, and our MX and A records all use this IP address. I have the rules set and using a one-to-one NAT setup with our 5 IPs. Everything is working great with the T1 in place and email is flowing with no problems, however when I connect the cable into the WAN2 port and try to send email, its using that outbound connection, rather then the T1 and our spam filter is blocking it. So the email is rejected and we get this message below.
--------------------------------------------------------------------------- Delivery has failed to these recipients or groups:
xxxx@gmail.com (xxxx@gmail.com)Your message wasn't delivered due to a permission or security issue. It may have been rejected by a moderator, the address may only accept e-mail from certain senders, or another restriction may be preventing delivery.
The following organization rejected your message: (our smtp spam relay) -------------------------------------------------------------------------
The reason for being rejected is just because it doesn't recongnize the IP address/gateway it is coming from.
My question is, how do I define that all email is sent out through our T1 connections IP address in the router?I see options for Advanced Routing or Bandwidth Management, but not sure what one I need to configure as I am not too familiar with these settings. I have Intelligent Balancer(Auto Mode) enabled as well by default.
The reason for adding the second internet connection is strictly for load balencing and getting some more bandwidth in our location.
