Cisco WAN :: BGP And Load Distribution 6509
Dec 18, 2012
I opened a discussion a while ago and had some great feedback but I am still racking my brains to figure this out,I have 2 routers each with a dedicated connection to the same ISP. I am using MED to influence my advertisements to the provider,I have 2 core switches (6509) with multiple vlans, each vlan has an HSRP address of .10 shared by the switches
My routers and switches are using iBGP to communicate. Both routers connect to vlan 1 on the core switches,I want to influence my traffic from the vlans to go to specific routers, so that I utilize both routes at all times (when possible), ensuring symmetric routing at the same time.
I think I have the following options
- PBR, I'd set this on the routers fastethernet interfaces and match based an two different ACLs
set the next hop as the ISP router 1 when matching ACL 1
set the next hop as the ISP router 2 when matching ACL 2
My concern is if I lose a link (say to ISP router 1), all traffic matched by ACL 1 is blackholed
- HSRP was suggested to me.
configure 2 standby groups on the routers with different priorities
allocate different HSRP addresses matching each vlan (to act as a core switch default gateway)
My concern here is I'd need the routers HSRP virtual IP addresses as the BGP neighbors on the core switches?
View 9 Replies
ADVERTISEMENT
Jul 22, 2012
We have two 100 MBPS P2P link from two different ISP and we have terminated both the link on our 6509 switch. Now we want to configure the load balancing between these two disfferent ISP 100 MBPS P2P link.
So, how to go and what all options we can try ? We are thinking for Ether Channel configuration. Need your expert opinions on the same and if etherchannel configuration is the option then what would be the configuration for the same ?
View 4 Replies
View Related
Nov 29, 2012
Right now I have 2 default routes load balancing 100MB internet links. This is on my 2 6509's.
ip route 0.0.0.0 0.0.0.0 10.47.2.1 (FWSM)
ip route 0.0.0.0 0.0.0.0 10.47.2.250 (5510)
Is there anyway to make the first default route take more of the traffic, like 60/40 or 70/30?Any program that I could use to see top users going through the FWSM?
View 1 Replies
View Related
Jan 24, 2013
I am trying to understand what load balancing method is used on a port channel on a Nexus switch . I have a server connected by a VPC to two Nexus switches. The nexus switches are only acting as layer 2 switches. I have a 6509 connected via a upstream link that does all of the routing for my VLANS. If have a server connected to the Nexus switches and it talks to a server on my 6509 what load balancing happens on the Nexus going across VPC 27 which is a layer 2 trunk going up to my 6509. Is it done on layer 2 or layer 3 flows?
My Nexus shows the default load balancing configurations
Port Channel Load-Balancing Configuration:System: source-dest-ip
Port Channel Load-Balancing Addresses Used Per-Protocol:Non-IP: source-dest-macIP: source-dest-ip source-dest-mac
View 4 Replies
View Related
Mar 5, 2012
Is it possible to use two different load balancing methods at each end of a port-channel between two switches?
We have a Cisco 6509 at one end of the port-channel and a Cisco blade switch 3020 at the other end. Right now, we are using "src-dst-ip" at both end of the port-channel. We would like to change this. That is, we would like the #3020 switch to use "src-dst-ip" while the 6509 switch should use the "src-dst-port".
Why we want to do this, the reason is that we have FWSMs on the 6509. I've read that by configuring "src-dst-port" on the 6509, one can get a better performance of traffic going through the FWSM. However, the issue is that the 3020 switch does not support "src-dst-port".
View 4 Replies
View Related
Jan 20, 2012
May I know what the redistribution is? Is it the redistribution of routing information between different AS numbers ?
View 4 Replies
View Related
Mar 5, 2012
We tried to distribute the softwer ( 12.4.23 ) via LMS 4.1 but we got the following message:Device is locked for exclusive access.The supported protocols for image transfer are: TFTP
SWIM1001: The input parameters to the Image Distribution/Image Import/Image Activate are invalid. You may have used incorrect Device Data for this task. Check the application log file for more details.
Device Upgrade Result : Failed
End Time:Mon Mar 05 15:53:17 CET 2012
Earlier we used LMS 3.2 and it gave same messages,The hardver is cisco 2620XM and actually used IOS is c2600-advipservicesk9-mz.124-3.bin ,We need to upgrade large number of devices via LMS.
View 4 Replies
View Related
Mar 20, 2012
I'm currently unable to upgrade certain devices since Cisco Prime incorrect believes there is not enough room in the flash partition.For example.
Getting the following error messsage trying to upgrade some Cisco 871 routers: "Catastrophic - SWIM1200: Selected Flash partition requires minimum (28 MB) to upgrade selected software/image."The images are around 18 MB in size. Why does Cisco Prime thinks its 28 MB in size? Bug?
View 1 Replies
View Related
Feb 4, 2011
I have Westell Ultraline series3 modem/router , the problem is i can only connect to the router/internet if i enter the IP address and DNS manually , which is not much of a problem except I have a vonage phone and can't type the ip address in it , so here's how the settings looks like , let me know what i should be changing
[IMG]file:///C:/Users/GL/Pictures/Network.png[/IMG][IMG]file:///C:/Users/GL/Pictures/Network.png[/IMG]
View 2 Replies
View Related
Dec 12, 2012
I have been able to get EIGRP working successfully in the lab like I want.
Attached is the network overview:
We have a Data Center and Corporate office connected via Point to Point Fiber link, eventually we will have two of theseTwo 4948E switches in the Data center acting as cores setup with GLBPCorporate Office has a 3750X acting as a coreCurrently two 4948E's are connected to each other via Port Channel and a L2 trunkTwo set of ASA 5520's one acting as a firewall and for Cisco Any Connect and second for site to site VPN
What is the best way/pratice that I can distribute this DMZ via EIGRP? Should I just leave it static on the core like this?
View 3 Replies
View Related
Feb 10, 2013
We are running with Cisco ACS v4.0 AAA server, Here I need the use of Proxy distribution table.
View 5 Replies
View Related
Mar 1, 2013
I have Wireless LAN Controller 4400 running. Currently all 50 APs are running at one port of WLC. I have studied on Cisco site, that its best to run 24 APs per port of WLC and total 48 in total. My all APs are running at one port. is there any issue if i run all 50APs on one port and is this any bottleneck?Also if i want to shift half APs to second port, What will be configuration for WLC?
View 6 Replies
View Related
Aug 23, 2011
in RME->Software Management-> Software Distribution -> By Devices [advanced], what is the file format we should have here, when we try to deploy many IOS images at once?
View 1 Replies
View Related
Mar 7, 2012
I got a 5MBps Lease Line Connection via FAST ETHERNET PORT. i got a Cisco 1841 Router.
I want to distribute bandwidth in this ratio 2MBps/2MBps/1MBps
2MBps = Office Connection
2MBps = Computer Laboratory Connection
1MBps = WIFI Connection
1841 has only 2 Fast Ethernet ports
so im planning to add up a 2modules of 2-Port Fast Ethernet High-Speed WIC for Cisco Integrated Services Routers
View 18 Replies
View Related
Feb 12, 2012
i am using Cisco ASA5510 Firewall on my network at the distrubution Layer . The Private IP Address is in the network for Users and PAT is use.I have a client who has configured the RDP on port2000. when the Users behind the Firewall in my Network tried RDP it does not work it shows configuring remote Desktop only. i am able to telnet the Client said server with port 2000 but unable RDP.Is any changes required on my firewall as a tesult the RDP works.
View 8 Replies
View Related
Apr 22, 2013
I am having a strange issue deploying universalk9-150-2.SE2 to our 2960S. All the switches are stand alones.LMS gives an error when asking to upgrade the image but the fact is that the new software wents through - if I manually reload the switch everything is fine.why is RME showing an error if the new image seems to have been deployed?
View 23 Replies
View Related
Feb 18, 2013
We currently support multiple companies' infrastructure on a single Prime Infrastructure 1.2 server. We are using lifecycle licenses. Is it possible to assign licenses to various Businesses? For example, can I upload 100 licenses for Company-X and 100 licenses for Company-Y and when adding devices into Prime, tell it which licenses pool to pull from? Could something like this be accomplished with virtual domains?
View 3 Replies
View Related
Feb 12, 2012
using the 55xx as a L3 Distribution switch or even as a Core. By enabling the L3 features does it allow you enabled L3 SVI's for VLAN interfaces or are there interfaces on the daughter card that are used for routing instead?
View 5 Replies
View Related
Feb 10, 2013
We are using CISCO Catalyst 6500 switches as collapsed core/distribution switches (2 layer architecture). I want to connect approximatly 10 application servers to the network. Can I connect the servers directly to the catalyst 6500 switches using WS-X6148E-GE-TX line cards? The other option is to use access switchs and then connect the servers to the catalyst 6500 through access switch(Catalyst 3750).
View 6 Replies
View Related
Jan 30, 2013
We have 4507 distribution switch in our network.I am trying to enable ssh in those switches but seems that ssh command is not supporting. IOS version - cat4500e-universal.SPA.03.03.00.SG.151-1.SG.bin
View 1 Replies
View Related
Oct 20, 2012
Imagine I am designing a small network with a C2900 router running OSPF and in the future BGP with service provider. Please see attached diagram.The router is connected to (2) C3750 Layer 3 distribution switches. Then one C3560 layer 2 switch to serve future IP phone users and desktops.
Question:
a)If I connect the router interface to the (2) 3750 switches, if I make the router interface fa0/0 and fa0/1 as a trunk to accomodate VLAN 200 and other future VLANs, don't I have a problem with overlapping networks between router interface fa0/0 and fa0/1?
b)Alternatively, I could make the Router1 fa0/0 and fa0/1 configured with IP addresses and advertised in OSPF. Then the SW1 fa0/24 and and SW2 fa0/24 I could make as 'no switchport and create a routed interface port' with IP addresses, also running OSPF. Question is, from a scalable design perspectie, would you create 2 management networks and use those when assigning the IP addresses for Router1 fa0/1 and fa0/2? Because again Router1 fa0/1 and fa0/2 obviously need to be placed on different networks to avoid overlapping. So my question is more about proper network planning design to make this scalable to accomodate future VLANs in the future.Using trunks between the Router1 and SW1 option:
Router1
int fa0/0
description connection to SW1
no ip add
int fa0/0.200
[code]....
View 3 Replies
View Related
Jan 24, 2013
I have been working on redesign of our network which was very challenging but almost there.We have a limited budget of around £20k(32k Dollor) Max. The cabling has been done before my time and it is very messy and cheap so you can not do a proper cisco hierarchical model at all.I can not have multiple links from each access layer switch to the core/distribution and as a result i had to connect some access switches together to introduces redundancy in a nutshell,we have two buildings, main building which has the server room in it and the other building which is just bunch of office. i have introduced a partial mesh on the normal building and have tried to introduce full mesh on the main building .
View 9 Replies
View Related
Feb 21, 2013
The two stacked Cisco 3750G Access switches on a particular floor in my coy just lost connectivity to the distribution Switch this morning. This meant that all Users connected to it couldnt connect to the Internet nor access local network resources.I couldn't ping the Switch IP, I couldn't also access the Switch via Console port. Each time I tried to gain access via the console port, I keep getting "Authentication Failed" message.What should I do next? How do I gain access to the Switch?
View 1 Replies
View Related
Oct 9, 2012
This is existing network diagram and find attached file for configuration of Router and L3 Switch:ISP provided 6 Mbps internet access link with ethernet Handoff which is terminated over Cisco 1841.ISP also provided pool of 30 Public ip's 125.63.74.33 /27 , range from 125.63.74.34 to 125.63.74.62.In my current setup, all Inside to ouside traffic going out through 125.63.74.34 public ip because this public-ip NAT overload with Router F0/1 interface.
1) I want to divide 6 Mbps link physically into three parts 2Mbps, 2Mbps, 2Mbps for three VLANs.
2) I want to also configure each vlan IN/OUT traffic with different Public ip. is it possible or not ?
Vlan2 = 172.25.162.0 /24 => Inside to outside / Outside to inside traffic through 125.63.74.40
Vlan3 = 172.25.163.0 /24 => Inside to outside / Outside to inside traffic through 125.63.74.41
Vlan4 = 172.25 164.0 /24 => Inside to outside / Outside to inside traffic through 125.63.74.42
How can i configure above desired setup with CBWFQ
View 23 Replies
View Related
Apr 9, 2013
I had a lot of questions when I began planning a pair of Nexus 7000 switches as a replacement for our 6500. How to publish my design and config. This is a medium sized network. I would have loved to see somone's configs for a similar implementation.
[URL]...
View 5 Replies
View Related
Aug 29, 2012
I have some questions in regards to network equipment I want re-utilize for my distribution layer in one of my buildings.The choices at the moment are:
OPTION 1.) 2x WS-3550-12G's (HSRP)
OPTION 2.) 1x WS-6509 with cards:
What option would be better from a performance aspect? We want to have network, voice, and wireless data go through this distribution layer switch(es).This is exisiting equipment I already have and can not buy anything else at the moment.
View 2 Replies
View Related
Oct 6, 2012
To setup SG300-20 as CORE switch and SF100-48 as Distribution switch.SG300-20 will have 2 VLAN(DATA and VOICE)
-192.168.14.1/24 DATA
-172.168.0.1/24 VOICE
SF100-48 will also have 2 VLAN(DATA and VOICE)
-192.168.14.1/24 Desktop/Laptops
-172.168.0.1/24 IP phones
Problem is when I tried to assign IP to any VLAN's the switch will just hang and loose my connection the light will stop blinking it will steady and i unable to access the switch until i turn off again?
View 1 Replies
View Related
Nov 21, 2011
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports
x1 NAM
x2 Sup720
Running 12.2(18)SXF3
I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis?Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
View 2 Replies
View Related
Nov 21, 2011
I currently have a couple of 6509 chassis (router/switches) with the following hardware blades:
x3 48 ports
x1 NAM
x2 Sup720
Running 12.2(18)SXF3.I am keeping the four Sup720 modules and have purchased new versions of the others blades including two new 6509-E chassis. Can I take my stand-by Sup720 out of the production machine and insert it into the new chassis?
View 2 Replies
View Related
Mar 11, 2012
We have a pair of N7K distribution switches connected to a pair of N7K Aggregation switches.We run vPC on both pairs of n7k's.
-n7k-d1 has two interfaces in a Port-Channel connecting to n7k-a1 & n7k-a2. (PC1)
-n7k-d2 also has two interfaces in a Port-Channel connecting to n7k-a1 & n7k-a2. (PC2)
My problem is that Spanning-Tree is blocking PC2 and all traffic from n7k-d2 is traversing the Peer-Link before reaching the Aggregation layer. Is this the best design for connecting two pairs of n7k's with vPC or if a better design would be to connect all 4 links into the same Port-Channel and vPC?
View 7 Replies
View Related
Nov 26, 2012
I have acquired a Cisco 881 router and have installed CCP express onto it. The router is set to factory default and I am using IE9, Java is also installed.i try to log in using the default IP of 10.10.10.1 through the browser and the log in box pops up, I type the default "cisco - cisco" to log in, the box disappears but then nothing, just a blank browser page, CCP express refuses to boot up.PC's firewall and security programs are turned off.Pop up blockers are deactivated in browser.Flash is installed.I've tried downgrading my version of Java to various versions and doing a hard reset but still no luck.I've tried CCP Express versions 2.6 & 2.7.I have tried from 2 different PCs.I have also tried from Firefox with the same result.I am able to access the router from console and CCP full version.
View 10 Replies
View Related
Aug 6, 2012
What is the best way to load balance traffic between an FWSM and ASA 5520? Both are attached to a 6509-E (in seperate VLANs). The problem is the FWSM doesn't support any dynamic routing protocols (in multi context mode). So with my limited knowledge I don't see a way to do this.
View 8 Replies
View Related
Sep 22, 2011
I am aware there is a feature request but don't see any updates. Taking the chance here that its fallen through the cracks and someone has figured out another way to monitor inspection load on ASA-SSM-20 IPS. We are currently running 7.0(5a)E4. I want to be able to use Solarwinds Orion to monitor Inspection Load on our IPS devices.
View 1 Replies
View Related
