VIRTUAL SWITCHING SYSTEM (VSS

)

© 2007 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

1

Introduction to Virtual Switch
Concepts
Virtual Switch System is a new technology break through for the Catalyst 6500 family…

© Cisco Systems 2007

INTERNAL CISCO AUDIENCE ONLY

2

Virtual Switch System
Enterprise Campus
A Virtual Switch-enabled Enterprise Campus network takes on multiple benefits including simplified management & administration, facilitating greater high availability, while maintaining a flexible and scalable architecture…

L3 Core

Reduced routing neighbors, Minimal L3 reconvergence

L2/L3 Distribution

No FHRPs No Looped topology Policy Management

Access

Multiple active uplinks per VLAN, No STP convergence
3

© Cisco Systems 2007

INTERNAL CISCO AUDIENCE ONLY

Fast L2 convergence.Virtual Switch System Data Center A Virtual Switch-enabled Data Center allows for maximum scalability so bandwidth can be added when required. but still providing a larger Layer 2 hierarchical architecture free of reliance on Spanning Tree… Single router node. Fast L2 convergence L2 Distribution L2 Access © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 4 . Fast L2 convergence. Single active uplink per VLAN (PVST). Scalable Dual-Homed Servers. minimized L2 Control Plane. Scalable architecture L2/L3 Core Dual Active Uplinks.

LMP & RRP © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 5 .VIRTUAL SWITCH ARCHITECTURE Forwarding Operation. VSLP .

it extends the out of band channel allowing the active control plane to manage the hardware in the second chassis… © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 6 .Virtual Switch Architecture Virtual Switch Link The Virtual Switch Link is a special link joining each physical switch together .

the Virtual Switch Link (VSL) must be brought online to determine Active and Standby roles.Virtual Switch Architecture VSL Initialization Before the Virtual Switch domain can become active. The initialization process essentially consists of 3 steps: 1 2 Link Bringup to determine which ports form the VSL Link Management Protocol (LMP) used to track and reject Unidirectional Links. Exchange Chassis ID and other information between the 2 switches LMP RRP LMP RRP 3 © Cisco Systems 2007 Role Resolution Protocol (RRP) used to determine compatible Hardware and Software versions to form the VSL as well as determine which switch becomes Active and Hot Standby from a control plane perspective INTERNAL CISCO AUDIENCE ONLY 7 .

Virtual Switch Architecture
VSLP Ping
A new Ping mechanism has been implemented in VSS mode to allow the user to objectively verify the health of the VSL itself. This is implemented as a VSLP Ping…
VSL
VSLP VSLP

VSLP

VSLP

Switch 1

Switch 2

The VSLP Ping operates on a per-physical interface basis and parameters such as COUNT, DESTINATION, SIZE, TIMEOUT may also be specified…
vss#ping vslp output interface tenGigabitEthernet 1/5/4 Type escape sequence to abort. Sending 5, 100-byte VSLP ping to peer-sup via output port 1/5/4, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 12/12/16 ms vss#

© Cisco Systems 2007

INTERNAL CISCO AUDIENCE ONLY

8

Virtual Switch Architecture
Forwarding Operation
In Virtual Switch Mode, while only one Control plane is active, both Data Planes (Switch Fabric’s) are active, and as such, each can actively participate in the forwarding of data …
Switch 1 - Control Plane Active Switch 2 - Control Plane Hot Standby

Virtual Switch Domain

Switch 1 - Data Plane Active

Switch 2 - Data Plane Active

Virtual Switch Domain
© Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 9

Virtual Switch Architecture
Virtual Switch Domain
A Virtual Switch Domain ID is allocated during the conversion process and represents the logical grouping the 2 physical chassis within a VSS. It is possible to have multiple VS Domains throughout the network…

VS Domain 10

VS Domain 20

VS Domain 30

The configurable values for the domain ID are 1-255. It is always recommended to use a unique VS Domain ID for each VS Domain throughout the network…
© Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 10

f8aa. © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 11 . there is also only ONE single router MAC address… Router MAC = 000f. since there is only a single routing entity now. In a Virtual Switch System. Regardless of either switch being brought down or up.Virtual Switch Architecture Router MAC Address In a standalone Catalyst 6500 system. the router MAC address is derived from the Chassis MAC EEPROM and is unique to each Chassis. the same MAC address will be retained such that neighboring network nodes and hosts do not need to re-ARP for a new address.9c00 The MAC address allocated to the Virtual Switch System is negotiated at system initialization.

Protocols.ETHERCHANNEL CONCEPTS Overview. Load Balancing. Enhancements with VSL © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 12 .

Etherchannel Concepts Multichassis EtherChannel (MEC) Prior to Virtual Switch. In a Virtual Switch environment. the 2 physical switches form a single logical network entity . Etherchannels were restricted to reside within the same physical switch. PAGP or ON Etherchannel modes are supported… Regular Etherchannel on single chassis Multichassis EtherChannel across 2 VSLenabled Chassis INTERNAL CISCO AUDIENCE ONLY 13 © Cisco Systems 2007 .therefore Etherchannels can now also be extended across the 2 physical chassis… Virtual Switch Virtual Switch LACP.

Etherchannel Concepts Etherchannel Hash for MEC Deciding on which link of a Multi-chassis Etherchannel to use in a Virtual Switch is skewed in favor towards local links in the bundle .this is done to avoid overloading the Virtual Switch Link (VSL) with unnecessary traffic loads… Blue Traffic destined for the Server will result in Link A1 in the MEC link bundle being chosen as the destination path… Orange Traffic destined for the Server will result in Link B2 in the MEC link bundle being chosen as the destination path… Link A1 Link B2 Server © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 14 .

them the BUNDLE_SELECT register is programmed to point packets to the VSL © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 15 .EtherChannel Concepts EtherChannel Hash for MEC • Localizing the decision to use a link in the bundle that is resident on the local Switch (thus avoiding forwarding over the VSL) is done as shown below • The BUNDLE_SELECT register Virtual Switch in the port ASIC is programmed to see only the local links of the EtherChannel bundle even though links that may exist in the same bundle are resident in the VS peer chassis • This behavior is fixed and cannot be changed by any configuration option Note: If all links in the local bundle go down.

168.10.168.EtherChannel Concepts EtherChannel Hash • A command can be invoked to assist in determining which link in the bundle will be used—it can use various hash inputs to yield an eight-bucket RBH value that will correspond to one of the port channel members Vss#sh etherchannel load-balance hash-result interface port-channel 120 ip 192.10 192.220.10 Computed RBH: 0x4 Would select Gi1/2/1 of Po120 © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 16 .

HARDWARE REQUIREMENTS… © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 17 .

the new Catalyst 6500 Virtual Switching Supervisor 720 is required to be used. It is the only Supervisor that will support VSS as it supports both the new PFC3C/XL forwarding engine… The PFC3C/XL contains new hardware to support the extra LTL indices and mappings required to forward traffic across multiple physical chassis.Hardware Requirements Supervisor In order to enable the Virtual Switch feature and configure the Virtual Switch Links (VSL) between 2 Catalyst 6500 chassis. lookup enhancements as well as MAC address table handling enhancements… VS-S720-10G-3C/XL © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 18 .

allowing for frames across the VSL to be encapsulated / de-encapsulated with the VSH… © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 19 .Hardware Requirements VSL-Capable Interfaces The VSL is a special link that requires extra headers to be imposed onto the frame. These require new port ASICs that exist only on the 10 GigabitEthernet interfaces on the following modules… Supervisor 720-10G VSS Note that these interfaces may also be used as standard network interfaces WS-X6708-10G-3C/XL These interfaces are supported by a new port ASIC.

dCEF720 and NAM only © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 20 . as well as SVC-NAM-1 and SVC-NAM-2. CEF256 and dCEF256 cards are not supported… CEF720. Classic.Hardware Requirements Other Supported Modules… Other modules that may exist in the VSL domain include all CEF720 and dCEF720 cards (WSX67xx-series).

Only DFC3C or DFC3CXL is supported in a Virtual Switch domain. 3B or 3BXL) is used in a VSL domain. the system will fall to a lowest common denominator mode which will not allow support for VSL… INTERNAL CISCO AUDIENCE ONLY 21 © Cisco Systems 2007 . If DFCs are not used on CEF720 modules.Hardware Requirements Distributed Forwarding Cards Distributed Forwarding Cards (DFCs) improve the performance of the Catalyst 6500 by offloading the lookup processing from the PFC to the ingress linecard. a Centralized Forwarding Card (CFC) must be installed in its place… Note that if a lower revision DFC (3A.

Netflow. EEM… © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 22 . SNMP Support.OPERATIONAL MANAGEMENT Virtual Switch CLI. SPAN.

Operational Management Virtual Switching System CLI Multiple console interfaces exist within a Virtual Switch Domain. but only the active RP/SP consoles are enabled for command interaction… © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 23 .

Operational Management Reloading the VSS Should there be a requirement to reload the entire Virtual Switch System (both chassis). the command “reload” can be used to accomplish this task… vss#reload Proceed with reload? [confirm] 1d04h: %SYS-5-RELOAD: Reload requested by console.SHUTDOWN NOW --*** 1d04h: %SYS-SP-5-RELOAD: Reload requested System Bootstrap. Reload Reason: Reload Command. *** *** --. Version 8. Cat6k-Sup720/SP processor with 1048576 Kbytes of main memory <…snip…> © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 24 . Inc.5(1) Copyright (c) 1994-2006 by cisco Systems.

Operational Management Reloading a member of the VSS It is also possible to reload each chassis individually by specifying the Switch ID assigned through the following command set… vss#redundancy reload shelf ? <1-2> shelf id <cr> vss#redundancy reload shelf 2 Reload the entire remote shelf[confirm] Preparing to reload remote shelf vss# © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 25 .

one per line.Operational Management Setting the System-wide PFC Mode Only PFC/DFC 3C/CXL are supported in a VSS. However. vs-vsl(config)#platform hardware vsl pfc mode pfc3c vs-vsl(config)#^Z vs-vsl# vs-vsl#sh platform hardware pfc mode PFC operating mode : PFC3C Configured PFC operating mode : PFC3C vs-vsl# © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 26 . bearing in mind that the system will take the lowest common denominator as the system-wide PFC mode. it is possible to mix modules in a 3C and 3CXL system. End with CNTL/Z. A new CLI has been implemented to allow the user to preconfigure the system mode to prevent modules from not powering up… vs-vsl#conf t Enter configuration commands.

Operational Management SNMP Support for VSS The SNMP process for a VSS necessitates support for “Put’s” and “Get’s” across 2 physical chassis.Active SNMP Get’s Switch 2 .Standby SNMP Modified MIB’s SNMP New MIB’s SNMP Process Active Virtual Switch Domain SNMP Process Inactive © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 27 . changes to existing MIB’s and support for a new MIB… SNMP Server SNMP Put’s Switch 1 .

Operational Management SNMP Modified MIB’s The following MIB’s have been modified to allow the collection of data in a Virtual Switch configuration… Virtual Switch MIB Name CISCO-LAG-MIB CISCO-EXT-BRIDGE-MIB CISCO-VLAN-MEMBERSHIP-MIB CISCO-ENVMON-MIB CISCO-STACK-MIB CISCO-OLD-CHASSIS-MIB CISCO-CAT6K-CROSSBAR-MIB Description of Change Extended to support 6000 ports Supports extension of BRIDGE-MIB (which is a standard and cannot be changed. Extended to support 6000 ports Virtual Switch Chassis number will be included in the “Description” field No longer supported No longer supported Support Standby Core with a different naming scope © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 28 . Extended to support up to 6000 ports.

VSL Port Count. Bi-dir and Uni-dir Packets This MIB will be the main vehicle though which Network Management stations access information relevant to the operation of the Virtual Switch… © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 29 .Chassis Role and Uptime cvsVSLConnectionTable .the following MIB variables are accessible to an SNMP manager… cvsGlobalObjects . Switch Mode cvsCoreSwitchConfig . Operational State cvsVSLStatsTable .Operational Management New Virtual Switch MIB CISCO-VIRTUAL-SWITCH-MIB has been defined to support SNMP access to the Virtual Switch Configuration .Switch Priority and Preempt CISCO-VIRTUAL-SWITCH-MIB cvsChassisTable . Switch #. Bad.Domain #.TX/RX Good. Total Error Packets cvsVSLPortStatsTable .Total Packets.

1 <snip> OK? YES YES YES YES YES YES YES YES Method NVRAM NVRAM unset unset unset unset unset unset Status up up up up up up up up Protocol up up up up up up up up © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 30 .168.1 GigabitEthernet1/2/2 10.2 Te1/1/3 unassigned Te1/1/4 unassigned GigabitEthernet1/2/1 10.Operational Management Slot/Port Numbering After conversion.1.10.10.1.1 Te1/1/2 192.11. port definitions for switches within the Virtual Switch Domain inherit the Chassis ID as part of their naming convention… PORT NUMBERING: <CHASSIS-ID><SLOT-NUMBER><PORT-NUMBER> Chassis-ID WILL ALWAYS be either a “1” or a “2” VSS#show ip interface brief Interface IP-Address Vlan1 unassigned Port-channel1 unassigned Te1/1/1 10.1.10.

some of the File System naming conventions have changed to accommodate the new setup .g. OLD: disk0: NEW: sw1-slot5-disk0: e.g.Slot 5 Switch 1 Hot Standby Supervisor .Slot 5 Switch 2 © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 31 .Operational Management File System Naming After the conversion to a Virtual Switch.an example of the new setup is shown below… SW<NUMBER>SLOT<NUMBER>FILESYSTEM e. OLD: slavedisk0: NEW: sw2-slot5-disk0: AN EXAMPLE Virtual Switch Domain Active Supervisor .

RESOURCE: Operational Management File System Naming Some filenames have remained the same .others have changed .some examples of file system names in a Virtual Switch include the following… PREVIOUS disk0: slavedisk0: bootflash: slavebootflash: sup-bootdisk: slavesup-bootdisk: nvram: const_nvram: © Cisco Systems 2007 VIRTUAL SWITCH sw<number>slot<number>disk0: sw<number>slot<number>disk0: sw<number>slot<number>bootflash: sw<number>slot<number>bootflash: sw<number>slot<number>sup-bootdisk: sw<number>slot<number>sup-bootdisk: sw<number>slot<number>nvram: sw<number>slot<number>const_nvram: INTERNAL CISCO AUDIENCE ONLY 32 .

while Netflow export is only performed by the Control Plane on the VS Active … Switch 1 Supervisor Virtual Switch Domain Switch 2 Supervisor VSL VS State : Active Control Plane: Active Data Plane: Active Netflow Collection: Active Netflow Export: Active VS State : Standby Control Plane: Standby Data Plane: Active Netflow Collection: Active Netflow Export: In-Active Netflow operation in a Virtual Switch is similar to the way in which Netflow operates in a single chassis with Distributed Forwarding Card’s (DFC) present… © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 33 .Operational Management Netflow In a Virtual Switch. with both Data Planes active. Netflow data collection is performed on each Supervisor’s PFC .

the number of SPAN sessions is limited to what the VS Active Supervisor can provide.Operational Management SPAN In a Virtual Switch Domain. SPAN capacity on the VS Standby is not factored into available SPAN sessions… Switch 1 Supervisor Virtual Switch Domain Switch 2 Supervisor VSL VS State : Active Control Plane: Active Data Plane: Active SPAN Management: Active Replication: Active VS State : Standby Control Plane: Standby Data Plane: Active SPAN Management: In-Active Replication: Active Virtual Switch is supported in Whitney 1 which introduces the following SPAN capabilities per Virtual Switch Domain… TX SPAN Sessions Virtual Switch Domain © Cisco Systems 2007 RX/Both SPAN Sessions 2 Total SPAN Sessions 16 34 14 INTERNAL CISCO AUDIENCE ONLY .

Operational Management EEM Script Registration Embedded Event Manager provides a means of users to run scripts that can be invoked when given events occur .the normal process will generate a warning message on a Virtual Switch WHY?????… vs-vsl(config)#event manager policy autoqos.running a script requires the script and directory holding the script to be registered .tcl could not be found Virtual Switch Domain Active Supervisor .Slot 5 Switch 2 © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 35 .Slot 5 Switch 1 Standby Supervisor .tcl Embedded Event Manager configuration on STANDBY: policy file autoqos.BUT .

Dual-Active Detection. Redundancy Schemes.HIGH AVAILABILITY Link Failure. GOLD © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 36 .

High Availability Link Failure Recovery Access Uplink Failure ~200 msec © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 37 .

High Availability Link Failure Recovery Routed Uplink Failure ~250 msec © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 38 .

High Availability Link Failure Recovery Active VS Failure ~200 msec © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 39 .

2(33)SXH1 Active VSL © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 40 Switch 2 12. Additionally.High Availability Redundancy Schemes The default redundancy mechanism between the 2 VSS chassis and their associated supervisors is NSF/SSO. Switch Fabric. modules and their associated DFCs become active… Switch 1 12. only in NSF/SSO mode does the Standby supervisor PFC.2(33)SXH2 RPR . Switch Fabric and modules will not be brought up Switch 1 12. allowing state information and configuration to be synchronized. where only configuration is synchronized.2(33)SXH1 Active VSL Switch 2 12.2(33)SXH1 NSF/SSO Should a mismatch of information occur between the Active and Standby Chassis. the Standby Chassis will revert to RPR mode. but PFC.

10.43 DHCP Snooping Binding Table MAC Add VLAN 00:50:56:01:e1:02 10 00:02:b3:3f:3b:99 18 00:16:a1:c2:ee:32 19 00:16:cb:03:d3:44 10 Interface Po10 Po10 Po20 Po20 © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 41 .10.2 172.34 10. etc… In a VSS environment.High Availability SSO-Aware Protocols As of 12. there are over 90 protocols that are SSO-aware. DHCP Snooping. failure of either VS will not require this information to be re-populated again… Switch 1 Virtual Switch Switch 2 IP Add 10.10 172. These include information such as ARP.10.10.26. IP Source Guard.19.26.2(33)SXH. NAC Posture database.18.

software version. interfaces… Power Redundancy mode Power Enable on VSL cards Additionally.High Availability NSF/SSO Requirements After the roles have been resolved through RRP. If these do not match. then the Standby switch will enter into RPR mode… Switch Virtual Domain ID Switch Virtual Node Type Switch Priority Switch Preempt VSL Port Channel Link ID VSL Port state. installed patches and PFC modes also need to be consistent for NSF/SSO mode to be entered… © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 42 . The following items are checked for consistency. a Configuration Consistency Check is performed across the VSL switches to ensure proper VSL operation.

however it is a possibility… Switch 1 Supervisor Virtual Switch Domain Switch 2 Supervisor VSL VS State : Active Control Plane: Active Data Plane: Active VS State : Standby Control Plane: Standby Data Plane: Active It is always recommended to deploy the VSL with 2 or more links and distribute those interfaces across multiple modules to ensure the greatest redundancy © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 43 . one switch is elected as Active and the other is elected as Standby during bootup by VSLP.High Availability Dual-Active Detection In a Virtual Switch Domain. Since the VSL is always configured as a Port Channel. the possibility of the entire VSL bundle going down is remote.

High Availability Dual-Active Detection If the entire VSL bundle should happen to go down. the Virtual Switch Domain will enter a Dual Active scenario where both switches transition to Active state and share the same network configuration (IP addresses. etc…) potentially causing communication problems through the network… Switch 1 Supervisor Virtual Switch Domain Switch 2 Supervisor VSL VS State : Active Control Plane: Active Data Plane: Active VS State : Active Control Plane: Active Data Plane: Active 2 mechanisms have been implemented in the initial release to detect and recover from a Dual Active scenario: 1 Enhanced Port Aggregation Protocol (PAgP) 2 Dual-Active Detection over IP-BFD © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 44 . Router IDs. MAC address.

High Availability Dual-Active Detection: Enhanced PAgP • Enhanced PAgP allows for new TLVs to be relayed from the individual Virtual Switches to a remote device that is EtherChanneled to the Virtual Switch Domain. the Standby switch will transition immediately to Active state and start sending PAgP messages with the new Active switch ID INTERNAL CISCO AUDIENCE ONLY 45 © Cisco Systems 2007 . During normal operation the Virtual Switches will send the ID of the Active VS to the PAgP neighbor. and it will respond with the same Active ID Switch 2 Switch 1 Switch 2 Switch 1 Active: Switch 1 Active: Switch 1 Active: Switch 1 Active: Switch 2 • Should the VSL go down.

upon reception of PAgP messages with the Active ID of Switch 2. including the previous-active Virtual switch (Switch 1) Dual-Active! Switch 1 Switch 2 Switch 1 Switch 2 Active: Switch 2 Active: Switch 2 Active: Switch 2 On Switch 1.High Availability Dual-Active Detection: Enhanced PAgP • The Enhanced PAgP-capable neighbor will proceed to send the new Active Switch ID to all member ports of the port channel that it received the new Active Switch ID on. it will be aware that a Dual-Active scenario has occurred and will proceed to bring down all local interfaces INTERNAL CISCO AUDIENCE ONLY © Cisco Systems 2007 • 46 .

1 Channel group 20 dual-active detect capability Dual-Active trusted group: Yes Dual-Active Partner Port Detect Capable Name Te1/1/1 Yes vs-access-2 Te2/1/1 Yes vs-access-2 © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY w/nbrs Partner Port Te5/1 Te5/2 Partner Version 1. End with CNTL/Z. one vss(config)#switch virtual domain vss(config-vs-domain)#dual-active vss(config-vs-domain)#dual-active vss(config-vs-domain)# per line.1 47 . 100 detection pagp trust channel-group20 vss#sh switch virtual dual-active pagp PAgP dual-active detection enabled: Yes PAgP dual-active version: 1.High Availability Dual-Active Detection: Enhanced PAgP • Dual-Active Detection capabilities require that the neighboring device be Dual-Active Detection Aware. It must also be configured to be trusted from the switch virtual configuration submode vss#conf t Enter configuration commands.1 1.

This mechanism requires that a direct heartbeat link be used to carry the IP-BFD frames from Switch 1 to Switch 2 VSL IP-BFD Heartbeat Link Switch 1 Switch 2 VSL BFD BFD IP-BFD Heartbeat Link Switch 1 Switch 2 • The IP-BFD Heartbeat Link may exist on any interface but must have an IP address assigned to it on a different network INTERNAL CISCO AUDIENCE ONLY 48 © Cisco Systems 2007 .High Availability Dual-Active Detection: IP-BFD • Dual-Active Detection with IP-BFD allows for the detection of a Dual-Active scenario subsequent to the Standby RP becoming Active.

255.231 255.255.230. two directly-connected interfaces must be configured as BFD message links vss(config)#interface gigabitethernet 1/5/1 vss(config-if)#no switchport vss(config-if)#ip address 200.255.230.255.255.0 Gi2/5/1 for this dual-active pair adding a static route 201.230.255.230.High Availability Dual-Active Detection: IP-BFD • To enable IP BFD as the detection mechanism.0 vss(config-if)#bfd interval 100 min_rx 100 multiplier 50 vss(config-if)#no shutdown vss(config-if)#exit vss(config)#switch virtual domain 100 vss(config-vs-domain)#dual-active detection bfd vss(config-vs-domain)#dual-active pair interface g 1/5/1 interface g 2/5/1 bfd adding a static route 200.230.230.231 255.255.0 Gi1/5/1 for this dual-active pair vss(config-vs-domain)# © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 49 .0 255.0 255.0 vss(config-if)#bfd interval 100 min_rx 100 multiplier 50 vss(config-if)#no shutdown vss(config-if)#interface gigabitethernet 2/5/1 vss(config-if)#no switchport vss(config-if)#ip address 201.255.230.230.

VSLP will detect this and will proceed to reload Switch 1 so that it may be able to re-negotiate Active/Standby role after bootup Switch 1 VSL Up! Reload… VSLP VSLP Switch 2 Switch 1 Switch 2 • After role has been resolved and SSO Hot Standby mode is possible.High Availability Dual-Active Recovery • Upon the restoration of one or more VSL interfaces. interfaces will be brought up and traffic will resume back to 100% capacity INTERNAL CISCO AUDIENCE ONLY 50 © Cisco Systems 2007 .

Exclude Interfaces Upon detection of a Dual Active scenario. all interfaces on the previous-Active switch will be brought down so as not to disrupt the functioning of the remainder of the network.High Availability Dual-Active Detection . The exception interfaces include VSL members as well as pre-determined interfaces which may be used for management purposes… vs-vsl#conf t Enter configuration commands. End with CNTL/Z. one per line. vs-vsl(config)#switch virtual domain 100 vs-vsl(config-vs-domain)#dual-active exclude interface Gig 1/5/1 vs-vsl(config-vs-domain)#dual-active exclude interface Gig 2/5/1 vs-vsl(config-vs-domain)# ^Z vs-vsl# © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 51 .

High Availability Dual-Active Recovery Upon the restoration of one or more VSL interfaces. VSLP will detect this and will proceed to reload Switch 1 so that it may be able to re-negotiate Active/Standby role after bootup… Switch 1 Switch 2 VSL Up! Reload… Switch 1 VSLP VSLP Switch 2 After role has been resolved and SSO Hot Standby mode is possible. interfaces will be brought up and traffic will resume back to 100% capacity… © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 52 .

High Availability Generic OnLine Diagnostics (GOLD) Some enhancements to the GOLD framework have been implemented in a VSS environment. but is centrally managed by the Active Supervisor in the Active chassis… Switch 1 VSL Switch 2 VS State : Active Local GOLD: Active Distributed GOLD Manager VS State : Standby Local GOLD: Active There are 4 new tests that are available in VSS mode: 1 TestVSLLocalLoopback 2 TestVSLBridgeLink 3 TestVSLStatus 4 TestVSActiveToStandbyLoopback © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 53 . which leverages a Distributed GOLD environment. each supervisor runs an instance of GOLD. In this case.

QUALITY OF SERVICE Trust. Classification & Policing. VSL QoS © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 54 .

or the ingress linecard DFC.Quality of Service Classification & Policing Both Classification and Policing functions are handled by PFC QoS. or Port Channels. There are 2 important caveats which must be understood whilst implementing these functions… 1 Policies must either be applied on L3 interfaces (SVIs or Physical interfaces). policy-map CLASSIFY class class-default set ip dscp 40 interface GigabitEthernet 2/3/48 switchport service-policy input CLASSIFY policy-map CLASSIFY class class-default set ip dscp 40 interface PortChannel 10 switchport service-policy input CLASSIFY INTERNAL CISCO AUDIENCE ONLY 55 © Cisco Systems 2007 . and is executed by either the PFC on the Active and Hot Standby Supervisor. Policies on L2 interfaces are not supported in this release.

Quality of Service Classification & Policing 2 Aggregate policers that are applied on SVIs or Port Channels that have interfaces distributed across multiple forwarding engines are subject to Distributed Policing caveats… policy-map POLICE class class-default police average 10000000 Interface GigabitEthernet 1/2/10 channel-group 20 mode desireable Interface GigabitEthernet 2/2/10 channel-group 20 mode desireable interface PortChannel 20 service-policy input POLICE © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 56 .

it is not configurable.Quality of Service QoS on the VSL The VSL itself has QoS provisioned by default and in the FCS release of the software. Thresholds and Queues are not configurable on the VSL VSL HTTP FTP VSLP Switch 1 Switch 2 © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 57 . A few important aspects relating to VSL QoS are as follows: 1 VSLP and other Control frames are always marked as Priority packets and are always queued and classified as such 2 VSL is always configured as “Trust CoS” and hence ingress queuing is enabled 3 Service Policies are not supported on the VSL 4 CoS Maps.

IMAGE MANAGEMENT File System Naming Convention © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 58 .

cef 59 © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY . All filesystem activities take place at single centralized location… vs-vsl#dir sw1-slot5-sup-bootdisk: Directory of sup-bootdisk:/ 1 2 -rwx -rwx 33554496 150198412 Jan 10 2007 14:53:16 +00:00 Feb 7 2007 17:28:56 +00:00 sea_log.dat s72033-adventerprisek9_wan_dbg-vz.0124_all vs-vsl#dir sw2-slot5-sup-bootdisk: Directory of slavesup-bootdisk:/ 1 2 -rwx -rwx 33554464 150678668 Feb 9 2007 16:39:02 +00:00 Feb 9 2007 16:45:14 +00:00 sea_log.dat s72033-adventerprisek9_wan_dbg-vz.Image Management Managing the File System The Filesystems in a VSS environment are completely managed from the Active Switch’s console.

others have changed .some examples of file system names in a Virtual Switch include the following… PREVIOUS disk0: slavedisk0: bootflash: slavebootflash: sup-bootdisk: slavesup-bootdisk: nvram: const_nvram: © Cisco Systems 2007 VIRTUAL SWITCH sw<number>slot<number>disk0: slavedisk0: sw<number>slot<number>bootflash: slavebootflash: sw<number>slot<number>sup-bootdisk: slavesup-bootdisk: sw<number>slot<number>nvram: sw<number>slot<number>const_nvram: INTERNAL CISCO AUDIENCE ONLY 60 .Image Management File System Naming Some filenames have remained the same .

SUMMARY… © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 61 .

Virtual Switch System Deployment Considerations Virtual Switch will incorporate some deployment considerations as best practice… © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 62 .

Virtual Switch System Benefits © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 63 .

Virtual Switch System Summary © Cisco Systems 2007 INTERNAL CISCO AUDIENCE ONLY 64 .

Sign up to vote on this title
UsefulNot useful