Jaycee's Networking

July 30, 2009

Commit Junos Configuration

Filed under: Junos — Tags: — Jaycee @ 7:53 am

JUNOS configuratino steps

1. Candidate Configuration: You always enter your configuration or changes as a condidate file.

2. “show|compre“: see exactly changes you made and look for any last-minute typos.

3. “commit check“: The system verifies the logic and completeness of your new configuration entries without activating any changes.

4. “commit confirmed“: If you don’t confirm your changes by entering commit within 10 minutes of activation, the device reverts back to the prior configuration.

5. “rollback“: lets you restore the rescue or any of the prior 50 configurations. A quick rollback is much easier than undoing one command at a time.


July 1, 2009

Virtual Switching System (VSS)

Filed under: Information, IOS — Tags: , — Jaycee @ 7:22 pm

A. VSS (Virtual Switching System)

1. VSS pools multiple Catalyst 6500 switches into one virtual switch, increasing bandwidth capacity to 1.4 Tbps.

2. A VSS will allow 2x 6500 to operate as a single logical virtual switch called VSS1440.

3. VSS1440 = 2x 6500 with SUP720-10GE

4. In a VSS, the data plane and switch fabric with capacity of 720 Gbps of supervisor engine in each chassis are active at the same time on both chassis, combining for an active 1400-Gbps switching capacity per VSS. But

a. ONLY ONE of the virtual switch members has the active control plane.

b. Both chassis are kept in sync with the SSO (Stateful Switchover) mechanism along with NSF (Nonstop Forwarding) to provide nonstop communication.

5. Benefits:

a. single point of management, IP address, and routing instance for 6500 virtual switch

1) single configuration file and node to manage.

2) removes the need to configure redundant switches twice with identical policies.

3) Only one gateway IP address is required per VLAN instead of the 3 IP address per VLAN used today.

4) removes the need for HSRP, VRRP, GLBP

*Cisco LMS (LAN Management System) 3.0 can be used to centrally manage a 6500 virtual switch as a single entity

b. MEC (Multichassis EtherChannel) is a Layer 2 multipathing technology that creates simplified loop-free toplogies, eliminating the dependency on STP. (STP can still be activated to protect strictly against any user misconfiguration.)

c. Flexible deployment – physical switches don’t have to be colocated: 2 physical switches are connected with standard 10 Gigabit Etherent interfaces and as such can be located any distance based on the distance limitation of the 10Gigabit Etherenet optics.

d. VSS eliminates L2/L3 protocol reconvergence if a virtual switch member fails

e. VSS scales system bandwidth to 1.4Tbps:

1) activates all L2 bandwidth across redundant 6500 switches with automatic load sharing.

2) maximizing server bandwidth throughput

f. eliminating unicast flooding caused by asymmetrical routing in traditional campus designs

g. optimizing the number of hops for intracampus traffic using multichassis EtherChannel enhancements

6. Target deployment areas for VSS:

a. Campus or DC core/distribution layer

b. DC access layer (server connectivity)

7. Two physical chassis doesn’t need to be identical in the type of modules installed or even type of chassis. For example, a WS-C6503-E chassis can be combined with a WS-C6513 chassis to form a VSS.

8. eFSU (enhanced fast software upgrade) is a mechanism to perform software upgrades while maintaining HA. It leverages the existing features of NSF and SSO and significantly reduces the downtime to less than 200ms.

9. Dual active state is detected rapidly by:

a. Enhancement to PAgP used in MEC with connecting Cisco switches

b. L3 BFD (Bidirectional Forwarding Detection) configuration on a directly connected link between virtual siwtch memebers or through an L2 link through an access layer switch.

c. L2 Fast-Hello Dual-Active Detection configuration on a directly connected link between virtual switch members.

B. MEC (Multichassis EtherChannel)

1. MEC allows a connected node to terminate the EtherChannel across the 2 physical Catalyst 6500 switches that make up the VSS leading to creating simplified loop-free L2 toplogy.

2. Using MEC in VSS topology results in all links being active and at the same time provides for a highly available topology without the dependency of STP.

3. supports up to 512 MECs.

End-of-Row or Top-of-Rack for Server Networking in DC

Filed under: Information, IOS, Routing Design — Tags: , — Jaycee @ 2:05 pm

There are 3 primary approaches for server networking in dc environment:

1. End-of-Row:

a. When aggregating servers larger than 1U or servers with a mixed amount of interface types and densities, Catalyst 6500 Series switches are used to support one or more racks.

b. Advantage:

1) cost effective – delivering the highest level of switch and port utilization, especially when coupled with the rich set of network visualization services available in the Catalyst 6500 Series. (6500 supports a wide variety of service modules, simplifies pushing security and application networking service into the access layer.)

2) server-independent – provides maximum felxibilty to support a borad range of servers.

3) performance advantage – 2 servers exchange large volumes of information cab be placed on the same line card as opposed to card-to-card or switch-to-switch, which will be slower.

c. Disadvantage:

1) cable/patch panel cost – physical volume of the cables and the waste of the valuable rack space

2. Top-of-Rack:

a. When stacking  40 1U servers in a rack one or two, 1U Rack Switches (like the Catalyst 4948-10G) are often used to aggregate all of these servers with Gigabit Ethernet and then run a couple 10GbE links back to the aggregation switches. (In some cases, 2x 4948 switches are used for HA purpose.) (Catalyst 4948is optimized for the dc environment.)

b. Advangate:

1) simplified cable management

2) avoid rack space and cooling issues

3) avoid cooling issues of end-of-rack switching

4) fast port-to-port switching for servers within the rack

5) predictable oversubscription of the uplink ans smaller switching domains (one per rack) to aid in fault isolatio and containment

c. Disadvantage:

1) Not enough servers to fill the switch in one rack – solution: put one top-of-rack switch server in an adjacent rack to preserve the advantages of the top-of-rack switch wile increasing port utilization.

3. Integrated:

a. When using blade servers, blade switches would be deployed. Cisco Catalyst Blade Switch 3000 Series support the visualization, segmentation, and management tools needed to properly support this environment.

b. When server virtualization is in use, it can rapidly increase the complexity of the network (the number of MAC addresses, complexity of spanning tree, data pathways, etc.)

c. In some larger dc, using the pass-thru module or the balde switches where it’s aggregated into a series of rack switches.

*Most people like dual top-of-rack because servers have dual production uplinks. But they can’t really fit in 40 1U servers due to power limitation or heating problem. So they end up 3 racks using the top-of-rack switch in the middle rack and cables are going between cabinets. End-of-rack is actually designed for this situation. But placing 6500 in the middle rack would cause overheating problem. 6500 switches thus shall be placed at the end of the row.

Create a free website or blog at WordPress.com.