Greetings, 1. Is it recommended .... VRRP ....
I speak for myself, but yes. I could recommend it. It is exactly what I did to keep the end stations from getting a redirect and bypassing their first hop VRRP. Currently I have two N7 boxes and two Cisco 3845s in both VLAN 148 and 106. They are all participating in OSPF. The two N7s participate in VRRP. Here's what my config looks like: interface vlan 106 ip address 10.205.106.6 255.255.254.0 no ip redirects no shutdown ip ospf message-digest-key 9 md5 REDACTED ip ospf priority 150 ip vrrp message-digest-key 2 md5 REDACTED interface vlan 148 ip address 10.205.148.6 255.255.254.0 no ip redirects no shutdown ip ospf message-digest-key 9 md5 REDACTED ip ospf priority 150 ip vrrp message-digest-key 1 md5 REDACTED router vrrp create vlan 106 2 address vlan 106 2 10.205.106.1 0 priority vlan 106 2 254 master-icmp-reply vlan 106 2 enable vlan 106 2 create vlan 148 1 address vlan 148 1 10.205.148.1 0 priority vlan 148 1 254 master-icmp-reply vlan 148 1 enable vlan 148 1 Recently I have been thinking about firing up four new VLANS. Each VLAN would contain a /30 network with two hosts each. Each VLAN would contain every combination of N7-A OR N7-B AND Cisco-A OR Cisco-B. This way, the first hop router on VLAN 148 is always guarenteed to be the N7 VRRP process since the Cisco boxes are on a separate network. I do realize that creating these extra VLANS does not scale, but it is a convienent way to eliminate the ip redirect doubt. What do you think? Thanks, Lou Goddard ----- Original Message ----- From: Thorsten Steffen <[email protected]> Sent: Tue, 6/16/2009 9:26am To: Enterasys Customer Mailing List <[email protected]> Subject: [enterasys] two questions concerning vrrp and stp Hello, I have two questions concerning the configuration of vrrp and stp: 1. Is it recommended to disable ip redirects on l3 interfaces when using VRRP? I know that recommendation from cisco (with hsrp) to prevent ip redirects to physical interface ip addresses which cancels the redundancy function. Does anybody know if "no ip redirects" is recommended respectively working well also when using DFEs with VRRP? 2. How to deactivate STP BPDUs (in and out) on a switchport? Is the command "set spantree portenable <Port> disable" the best way to isolate two single connected stp domains from each other when l3 is not possible? Best Regards and many thanks in advance, Thorsten Steffen Westdeutscher Rundfunk Köln IT- und Netz-Services / Netze und Telekommunikation Appellhofplatz 1 50667 Köln Germany --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected] ------------------ CONFIDENTIALITY NOTICE --------------- This message, including any attachments, is for the sole use of the intended recipient(s) and may contain privileged confidential information protected by law. Any unauthorized review, use, disclosure or distribution of this message is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of this message. ------------------ CONFIDENTIALITY NOTICE --------------- -------- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. --- To unsubscribe from enterasys, send email to [email protected] with the body: unsubscribe enterasys [email protected]
