Cisco WAN :: 6509 - L2 Etherchannel Over 2 ISPs Between Two Sites
Sep 21, 2011
We are implementing the network design between the two sites (OLD Data center and NEW Data Center), scheme in attachement.
We have chosen this scheme on the following criteria:
- A single IP network between the sites (for simplicity migration);
- Fault tolerance via different ISPs.
But the problem is L2 etherchannel doesn't work correctly: When one side port is shutting down, on the other side etherchannel will not rebuild and does not see that link down on the other end. We have tried to use LACP in etherchannel (mode active on ports), but result was the same. Is it on the ISPs side?
Should we use this design or we have to subneting the network and make connections between the data centers classically with L3 channels and OSPF?
The configures of Core ports listed below:
OLD data center core (Cat 6509):
interface GigabitEthernet2/6
description #### TO DATA-CENTER core 1#####
switchport
switchport trunk encapsulation dot1q
switchport trunk native vlan 5
switchport mode trunk
logging event link-status
View 1 Replies
ADVERTISEMENT
Nov 26, 2011
I have a second link being installed this week to a second ISP. Each ISP has tunnels that terminate on there routers for various services. Right now on the 6509 I have a static default route which sends all traffic to ISP one. Once I get the second link installed I would only like to send specific traffic to ISP1 and everything else to ISP2 unless the link is down. Would policy routing on the 6509 fit my needs?I would like to send 172.20.0.0 / 24 and 10.25.0.0 to isp one and everything else to ISP2.
View 4 Replies
View Related
Mar 25, 2013
I have two switches 6509 one switch is confire with VTP domain ABC Other switch is configure with ABZ, At present the switch is configure with the L3 interface and one fiber cable is connected between two switches.I want to remove L3 configuration wants to make L2 etherchannel and wants to ceraeate Loop back will assing same ip both side.The OSPF is configure both side , i will not do any changes in the OSPF as L3 ip is advertise in OSPF.
View 1 Replies
View Related
Jun 2, 2013
I have made an etherchannel between 6509 and 7606 with two giga interfaces on eatch one to have more bandwidth (2Go), but the Etherchannel does not exceed 1 GB (Below is a capture for Etherchannel taken from Solarwinds).the both 6506 and 7606 use ws sup 720 3bxl
View 8 Replies
View Related
May 8, 2012
If I dual connect my access switch to my 6509s running vss, what will happen, will spanning tree still block one of the ports if I don't set up an etherchannel?
View 1 Replies
View Related
Mar 5, 2012
Is it possible to use two different load balancing methods at each end of a port-channel between two switches?
We have a Cisco 6509 at one end of the port-channel and a Cisco blade switch 3020 at the other end. Right now, we are using "src-dst-ip" at both end of the port-channel. We would like to change this. That is, we would like the #3020 switch to use "src-dst-ip" while the 6509 switch should use the "src-dst-port".
Why we want to do this, the reason is that we have FWSMs on the 6509. I've read that by configuring "src-dst-port" on the 6509, one can get a better performance of traffic going through the FWSM. However, the issue is that the 3020 switch does not support "src-dst-port".
View 4 Replies
View Related
Nov 9, 2011
I have been asked to research running VSS between 2 6509's between 2 sites?
I am just going through the whitepapers and need to establish the link requirements for such a setup.
Is it a valid setup?
View 2 Replies
View Related
Sep 25, 2012
when I try to enable a WLAN that is using the same SSID as another WLAN I get this message
The following errors occurred while updating the WLAN:
WLAN with duplicate SSID and L2 security policy found.
each location has its own interface because each site is setup on our 6509 with a different VLAN. What is the best way to work around this.
View 10 Replies
View Related
Oct 25, 2011
I understand that jumbo frames need to be enabled end-to-end. I have two ESX hosts connected at each site. I want to enable jumbo frames for those ports, but what if not all host on the ESX are using jumbo frames, will I have drops and connection failures? So if i have two sites, each with a 6509 connected via a trunk and need to enable jumbo frames for a vlan between the sites how do I accomplish this?If I enable jumbo frames on the trunk link how does that impact other traffic between the sites?
View 3 Replies
View Related
May 21, 2013
Has anyone configured Layer 3 port channel on Cisco 6509 switches which are connected over dark fiber between two buildings?
View 3 Replies
View Related
Jul 8, 2012
MY ISP installed one router in my lab.for internet connectivity they mail me steps :connect your Laptop directly to gi0/3 port to check internet connectivity with public ip 1.1.1.x and Gateway 1.1.1.1 with subnet mask 255.255.255.240 after connection I surprised because I am able to access only google sites like gmail,google search etc. but I am able to ping/traceroute all sites.from browser I am able to access only google sites only.In Router no firewall no such access list.
View 2 Replies
View Related
Nov 21, 2011
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports
x1 NAM
x2 Sup720
Running 12.2(18)SXF3
I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis?Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
View 2 Replies
View Related
Nov 21, 2011
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports
x1 NAM
x2 Sup720
Running 12.2(18)SXF3.I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis. Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
View 2 Replies
View Related
Oct 30, 2011
Currently we have a T1 for data connected to a 1721 Router that is connected to an ASA 5510. We would like to add a FIOS line for dedicated online backup. Is it possible to connect the FIOS router to the ASA and route the IP from our backup server to use the FIOS line and everyone else continue to use the T1?
View 3 Replies
View Related
Jul 10, 2011
We got 2 ISPs -------> two ASA 5520 Primary / secondary --------> LAN . ASA is configured with ACL and Static NAT for our mail , web & ftp servers .
My question is how to configure the 2nd ISP on the ASA to auto switch to the 2nd ISP when the 1st is down with a backup static NAT and backup ACL for the new ISP , in other words how to configure a active static NAT and Backup Static NAT and ACL only for Exchange/Mail Server.Here is the example of our configuration where PIE is Primary ISP & EMC is Backup ISP.
ASA Version 8.2(1)
hostname Corp-ASA
enable password 2KFQnbNIdI.2KYOU encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
[code]....
View 1 Replies
View Related
Apr 21, 2012
I have a 192.168.1.xxx network connected to Verizon FIOS via Actiontec MOCA / router.I also have a 192.168.15.xxx network connected to Comcast via Motorola VT2442 router (used for Vonage) and a Motorola SB6121 cable modem. Each network has it's own gigabit switch connected to each router. The two networks are physically separated but switches and routers are physically side by side.What is the best configuration to allow devices on 192.168.1.xxx network to communicate with devices on the 192.168.15.xxx network (share printers, NAS, etc), but still have each network served by it's respective ISP, and each device still get it's dhcp, dns, gateway, etc from each respective router?
View 10 Replies
View Related
Feb 12, 2013
How I can get a list of Tier 1 ISPs?
View 2 Replies
View Related
May 9, 2012
Would one phone line be able to support two ISPs? The rest of my family is using an AT&T line and I'm less than amused with it's performance for 4+ people. I have an unused phone jack available but I'm concerned about ordering the installation package only to find that I need a new phone line)
View 4 Replies
View Related
Apr 17, 2012
I am running a home configuration where there are 2 PC's each using a different ISP. If one of those ISP's goes down, I would like both PC's to switch over to the working ISP.
View 5 Replies
View Related
Nov 11, 2012
The problem is the memory available in common BGP-routers. A sup720-3BXL for example, a widly used sup-engine for handling BGP as far as I know, is getting to the limit of its memory size, depending on the number of upstream-providers connected to it.What are you doing, what are major ISPs doing, to circumvent this problem? setting up some server, working as route-reflector, and with a high level of summarizing routes, above supernetting? But at the cost of stability? Or buying new hardware, supporting bigger table? For example the RSP720-3CXL-10GE with up to 4GB memory? But how long will it last? Or a ASR-9001 with 8GB memory or even the ASR9k6 + RSP440 with 12GB mem?
View 19 Replies
View Related
Jul 18, 2011
Is it possible to configure multiple ISPs in 3560? and These ISPs traffic should be forward different vlans & different ports. i need configure port wise DHCP also and using different ip addresses please, which device supports this application
View 2 Replies
View Related
Jul 1, 2012
I've been searching the net for days now trying to configure the ASA5505 for dual DHCP ISP use. All guides available assume you have one static.
After realizing that it required a Security Plus license to even configure 3 VLANs.
I can choose a backup interface in ASDM. It even says dual ISP enabled. Why cant there be a guide or simple configuration example or am I the only one looking for this kind of solution?
Customer has two ADSL internet connections and want to switch between them if they fail. No load balancing required.
View 2 Replies
View Related
Aug 17, 2011
Looking to replace an "all-in-one" type firewall (UTM/Firewall, SSL VPN) with a cisco product - the issue i'm running into is that we have multiple ISPs plus WAN and DMZ - overall more than 5 ports on mid-range ASA devices - and from what i read, adding 4-port module precludes me from adding CSC module.
Is there an solution to that other than going for 5585-x model? (kind of over our budget, granted we need 2 for failover)
View 2 Replies
View Related
Oct 17, 2011
We have an issue with some NAT on an ASA 5510. Here is a simplified drawing of the ASA setup:So the issue is when we try to send traffic from 172.16.3.251 to 1.1.1.1 we got this message in the log:
Oct 18 2011 12:32:12: %ASA-3-305006: portmap translation creation failed for udp src inside
172.16.3.251 /37166 dst outside:1.1.1.1/23
It looks like there is an issue with NAT but maybe is cause of the DUAL ISP setup as packets are routed through the outside interface and not IPtelefoni_outisde?
View 13 Replies
View Related
Nov 14, 2011
I am having a strange requirement. actually I am not sure it is strange or not. I am having ASA5510 with 8.4 sw version. Currently one ISP is connected to it. It is working fine. We have some servers that are directly connected to internet using another ISP connection. These servers having public IP addresses configured on their LAN settings. I need to move these servers in to the DMZ zone.
When i connect it to the ASA's DMZ zone,servers will get internet through the first ISP that is already configured on ASA. But i need to NAT the DMZ servers with the IP address provided by the other ISP, which even not configured on ASA.
So what should i do? In short my requirement is
1) need to NAT the server with the IP address provided by another ISP
2) Also note that the default route is configured for the first ISP only in ASA
so Do i need to configure another default route? Do i need to make it with larger AD? So i do it will act as the secondary route only.
I need to make the ASA up and running for two ISP, and servers in the LAN should be able to NAT with the IPs of first ISP and ,the servers in the DMZ zone should be able to NAT with the public IP of the new ISP.
View 2 Replies
View Related
Jan 23, 2012
Using a RV082 (firmware 2.0.0.19-tm) connected to two different ISPs. LAN IP IS 192.168.1.1. Everything seems to be working OK if I leave the DNS settings for WAN1 and WAN2 set to public DNS servers. If I set each WAN connection to the respective ISP’s DNS settings then I get timeouts when using NS look up. My ISP only accept DNS request from routers on their own network.
Assumption:
I thought that if each WAN is pointing to it’s own DNS server, I should be able to get a reply when I do a NS look up with the server set to this router (192.168.1.1.)
Real life:
The fact is I get a Timeout every time I test a domain name look up.
With the exact same configuration, setting both WANs to public DNS servers, everything works fine
The only reasons for wanting the DNS settings not set to a public DNS server are two. My Spam solution has issues with using a public DNS server was hoping I could increase the speed of DNS look ups using a closer DNS server.My objective is to point the internal DNS server on the SBS 2003 to the RV082 and have the router forward the request as needed to the proper ISPs dns server.
Is my assumption above correct? If I have each WAN configured to it’s own DNS settings I should be able to point to the router for DNS look ups and if the record in not in cache this router will forward it to one of the two WAN’s using that WAN's correct DNS settings?
View 1 Replies
View Related
Dec 5, 2011
We have a cisco ASA 5505 with sec bundle plus
We have two ISP's:
ISP1 (Our IP = 30.100.150.50, gateway 30.100.150.8)
ISP2 (Our IP = dynamic, gateway 20.100.150.9) - ADSL
Our internal LAN IP range is 10.9.8.0/24
We want to configure the ASA 5505 to allow users via ISP2 for http traffic We then want to use ISP1 for strictly VPN and access to internal web resources (eg OWA) as we have public IP's there.
Our idea was to configure two gateways on the ASA (e.g. 10.9.8.5 via ISP2 and 10.9.8.6 via ISP1)
Then give the users gateway 10.9.8.5 for web browsing etc Is this configuration possible on the ASA 5505?
View 4 Replies
View Related
Nov 1, 2012
have main office of 70 people.Also I have 2 redundant ISP:One give me 20 mbit/s Other only 2 mbit/s and it is my backup ISP.
I have some resources in data center and I need a IPSec VPN to it and some other location. I suppose there will be up to 3-5 IPSec tunnels. I choose Cisco ISR 881-SEC-K9 with one wan port and 4 LAN switch. But know I’m looking for Cisco 891-K9. There is no security bundle for it. But in cisco.com this router is marked Cisco 891-K9 Security router. Does it support security features like VPNs, ZBF, IOS Firewall, NBAR and IP SLA for ISP redundancy? Also if my boss will choose chipper Cisco router 881-SEC-K9. Will I be able to organize 2 ISP redundancy on 4 LAN switch port inside VLAN interfaces because there is only one WAN port?
View 2 Replies
View Related
Jan 5, 2013
I have ASA5510 with PLUSE License.I have 2 Inside interfaces as STAFF and MAIL and two Outside interface OUT_STAFF and OUT_MAIL which is in separate ISP's.now i want to nat STAFF to OUT_STAFF and MAIL to OUT_MAILbecause I'm having two default routes it gets impossible to do.
View 1 Replies
View Related
Aug 9, 2011
I have a Cisco ASA 5510 and I am trying to set it up to be able to have it failover to the 2nd ISP connection if the 1st one ever went down. I think I need a nat statement that the "backup" connection will use when the 1st connection goes down, but I am unsure what the nat statement is supposed to be. I have added the commands that I am pretty sure that I need to add for the "backup" ISP connection. Attached are those commands, the interfaces that are set up, and the objects that are set up in the ASA.
View 2 Replies
View Related
Dec 14, 2011
I inherited a network redesign project mid implementation and ran across an issue that I was not 100% sure able to be resolved. Implementation is occurring in which the organization is changing over to a different ISP and we have some customers that will not be able to change their settings over to our new addresses from some time. I have seen a lot of posts about fail over and dual ISP configurations, but I could not relate them to this particular scenario.
View 3 Replies
View Related
Nov 1, 2011
does cisco 2811 support?if no, can i make it work for BGP?also, i want to know the configuration of bGP for twoo ISPs for link failover.it will be google if u tell me step by step approach for configuring it
View 1 Replies
View Related
Aug 8, 2012
I have two ISP need to connect them on my router.
The Router that I have is 2811 where it contains two Fa ports only, so I put an access switch between the two ISPs and the Fa0/0 then configured the Interface Fa0/0 with two IPs ISP1 and ISP2 as a secondary.
The problem that I faced that when ISP1 become down the another secondary IP (ISP2) stay down and the internal users have no access to the internet.
View 1 Replies
View Related
