We have an active/passive set of 3400's connected to a single switch. Each 3400 is connected with all 8 interfaces in one large trunk port with several vlans on top of the trunk port. We're adding a second switch, for redundancy, and am confused as to how I should connect the 3400's. Should I connect each 3400 to both switches, or one 3400 to one switch? Thoughts?

My thoughts are you keep it simple and do one 3400 to one switch. CB

I would second that. We have run for about 10 years now with redundant F5 Load balancers on Cisco switches with one load balancer connected to one switch and the standby load balancer on the other switch. All of our server switches are deployed with a L2 port-channel (2G) trunk between them. We don't do trunking on the F5 ports. We do one-armed load balancing with SNAT, and just have the one interface in a vlan dedicated to F5 virtual servers, and let the load balancer route thru the cisco network to the member nodes. That way only load balanced traffic goes thru the load balancer. I'd be very very careful about spanning tree and the trunking if both the 3400 bigips and the Cisco 6509's are participating in that, could lead to some rather challenging problems....

I would eliminate as much spanning tree as possible. I suggesting using a VSS Sup 720 which basically removes spanning tree between 2 switches - that is if it's financial feasible. CB

Hi, In our configurations, we have each big-ip connected to both switches, and the switches are responsible for Rapid Spanning Tree, in order to have full redundancy. Each VLAN have 2 interfaces on the big-ips, and each interface go to different switches. It requires some configuration on the switch side to work smoothly. It creates some flaping on the network every failover or reboot, caused by the RSTP negotiations, but that is normal. Regards, Jose Oyervides.

If we had the budget, I'd be all over the VSS Sup, however we just the the 720-3B. I'll connect one 3400 to switch 1 and the other to switch 2. I'm going to leave the 8 port trunk on each 3400 and run all vlan's over the trunk. It works for us now, so we'll keep it.

Proper Way To Connect Two 3400's To Two Cisco 6509's

The_Bhattman
Nimbostratus
Oct 12, 2009
My thoughts are you keep it simple and do one 3400 to one switch.

CB
Mark_Cloutier
Nimbostratus
Oct 12, 2009
I would second that. We have run for about 10 years now with redundant F5 Load balancers on Cisco switches with one load balancer connected to one switch and the standby load balancer on the other switch. All of our server switches are deployed with a L2 port-channel (2G) trunk between them. We don't do trunking on the F5 ports. We do one-armed load balancing with SNAT, and just have the one interface in a vlan dedicated to F5 virtual servers, and let the load balancer route thru the cisco network to the member nodes. That way only load balanced traffic goes thru the load balancer. I'd be very very careful about spanning tree and the trunking if both the 3400 bigips and the Cisco 6509's are participating in that, could lead to some rather challenging problems....
The_Bhattman
Nimbostratus
Oct 12, 2009
I would eliminate as much spanning tree as possible. I suggesting using a VSS Sup 720 which basically removes spanning tree between 2 switches - that is if it's financial feasible.

CB
Jose_Santiago_O
Nimbostratus
Oct 12, 2009
Hi,

In our configurations, we have each big-ip connected to both switches, and the switches are responsible for Rapid Spanning Tree, in order to have full redundancy.

Each VLAN have 2 interfaces on the big-ips, and each interface go to different switches.

It requires some configuration on the switch side to work smoothly. It creates some flaping on the network every failover or reboot, caused by the RSTP negotiations, but that is normal.

Regards,

Jose Oyervides.
Fotios_30046
Nimbostratus
Oct 13, 2009
If we had the budget, I'd be all over the VSS Sup, however we just the the 720-3B. I'll connect one 3400 to switch 1 and the other to switch 2. I'm going to leave the 8 port trunk on each 3400 and run all vlan's over the trunk. It works for us now, so we'll keep it.
The_Bhattman
Nimbostratus
Oct 13, 2009
If it works then by all means use it.

CB
JRahm
Admin
Oct 14, 2009
I'd also make sure that since you are transitioning to a redudant distribution that your l2/l3 configurations ensure one switch is active (stp root bridge and hsrp) per vlan.
The_Bhattman
Nimbostratus
Oct 14, 2009
Good point Citizen_Elah. That is of course you are running GLBP which apparently is now starting to become a favorite in some Cisco configurations.
The_Bhattman
Nimbostratus
Oct 19, 2009
Set it for 30 seconds which is what F5 recommends as the minimum.

CB
Fotios_30046
Nimbostratus
Oct 19, 2009
Thanks for all the help everyone.