[c-nsp] FWSM failover transparent mode
Just upgraded our FWSM to version 3.1.11 after 3 random crashes in a month. Now we are thinking about buying a second FWSM to do failover in order to limit downtime and facilitate upgrades : most of our servers are connected to the 6513 carrying this FWSM. We use the 2 standard virtual contexts of the FWSM, both in transparent mode, 8 bridged vlans on one, 2 bridged vlans on the second. In the release notes of 3.1.11 I however read under Open Caveats CSCm73157 : Failover is not working in transparent mode... Anyone has experience with FWSM failover in transparent mode ? Does this really doesn't work ? Does it work under 3.2 or 4.0 ? Any info would be appreciated before we invest more than 15K Euros... Wim Holemans Netwerkdienst Universiteit Antwerpen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] FWSM failover transparent mode
On Fri, 5 Sep 2008, Holemans Wim wrote: Just upgraded our FWSM to version 3.1.11 after 3 random crashes in a month. Now we are thinking about buying a second FWSM to do failover in order to limit downtime and facilitate upgrades : most of our servers are connected to the 6513 carrying this FWSM. In the release notes of 3.1.11 I however read under Open Caveats CSCm73157 : Failover is not working in transparent mode... Anyone has experience with FWSM failover in transparent mode ? Does this really doesn't work ? Does it work under 3.2 or 4.0 ? FWSM failover in transparent mode does work in 3.2. Specifically, 3.2(4) and above. Right now we're running 3.2(6) and 3.2(7) in production. I want to give the 4.x code more time to 'bake' before I put it in production here. I may try it out in our development lab soon. jms ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] FWSM failover transparent mode
I'm running 3.2(6) fairly well in production. I would go up to 3.2(4) or better. tv - Original Message - From: Holemans Wim [EMAIL PROTECTED] To: cisco-nsp@puck.nether.net Sent: Friday, September 05, 2008 3:35 AM Subject: [c-nsp] FWSM failover transparent mode Just upgraded our FWSM to version 3.1.11 after 3 random crashes in a month. Now we are thinking about buying a second FWSM to do failover in order to limit downtime and facilitate upgrades : most of our servers are connected to the 6513 carrying this FWSM. We use the 2 standard virtual contexts of the FWSM, both in transparent mode, 8 bridged vlans on one, 2 bridged vlans on the second. In the release notes of 3.1.11 I however read under Open Caveats CSCm73157 : Failover is not working in transparent mode... Anyone has experience with FWSM failover in transparent mode ? Does this really doesn't work ? Does it work under 3.2 or 4.0 ? Any info would be appreciated before we invest more than 15K Euros... Wim Holemans Netwerkdienst Universiteit Antwerpen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] FWSM failover transparent mode
Not to hijack this thread, but what modules are you using for server connectivity in your 6513? We deployed some 6513s as SF switches long ago (bad decision), and are now swapping them out with the 6509-E chassis due to the need for additional performance (6748s in all slots). -- Eric Cables On Fri, Sep 5, 2008 at 1:35 AM, Holemans Wim [EMAIL PROTECTED] wrote: Just upgraded our FWSM to version 3.1.11 after 3 random crashes in a month. Now we are thinking about buying a second FWSM to do failover in order to limit downtime and facilitate upgrades : most of our servers are connected to the 6513 carrying this FWSM. We use the 2 standard virtual contexts of the FWSM, both in transparent mode, 8 bridged vlans on one, 2 bridged vlans on the second. In the release notes of 3.1.11 I however read under Open Caveats CSCm73157 : Failover is not working in transparent mode... Anyone has experience with FWSM failover in transparent mode ? Does this really doesn't work ? Does it work under 3.2 or 4.0 ? Any info would be appreciated before we invest more than 15K Euros... Wim Holemans Netwerkdienst Universiteit Antwerpen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] FWSM failover transparent mode
We experienced the reboots too; there is also bugs in this revision code train for ethertype ACLs. We migrated to 3.2(4) all is fixed. Regards, Ge Moua | Email: [EMAIL PROTECTED] Network Design Engineer University of Minnesota | Networking Telecommunications Services -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Cables Sent: Friday, September 05, 2008 11:59 AM To: Holemans Wim Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] FWSM failover transparent mode Not to hijack this thread, but what modules are you using for server connectivity in your 6513? We deployed some 6513s as SF switches long ago (bad decision), and are now swapping them out with the 6509-E chassis due to the need for additional performance (6748s in all slots). -- Eric Cables On Fri, Sep 5, 2008 at 1:35 AM, Holemans Wim [EMAIL PROTECTED] wrote: Just upgraded our FWSM to version 3.1.11 after 3 random crashes in a month. Now we are thinking about buying a second FWSM to do failover in order to limit downtime and facilitate upgrades : most of our servers are connected to the 6513 carrying this FWSM. We use the 2 standard virtual contexts of the FWSM, both in transparent mode, 8 bridged vlans on one, 2 bridged vlans on the second. In the release notes of 3.1.11 I however read under Open Caveats CSCm73157 : Failover is not working in transparent mode... Anyone has experience with FWSM failover in transparent mode ? Does this really doesn't work ? Does it work under 3.2 or 4.0 ? Any info would be appreciated before we invest more than 15K Euros... Wim Holemans Netwerkdienst Universiteit Antwerpen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] FWSM failover transparent mode
48 port 10/100/1000mb EtherModule WS-X6148-GE-TX Bought them without knowing about the 8port 1Gig limit ; We plan to replace this construction next year with a VSS solution, type of 65XX not yet chosen. Wim Holemans -Original Message- From: Eric Cables [mailto:[EMAIL PROTECTED] Sent: vrijdag 5 september 2008 18:59 To: Holemans Wim Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] FWSM failover transparent mode Not to hijack this thread, but what modules are you using for server connectivity in your 6513? We deployed some 6513s as SF switches long ago (bad decision), and are now swapping them out with the 6509-E chassis due to the need for additional performance (6748s in all slots). -- Eric Cables On Fri, Sep 5, 2008 at 1:35 AM, Holemans Wim [EMAIL PROTECTED] wrote: Just upgraded our FWSM to version 3.1.11 after 3 random crashes in a month. Now we are thinking about buying a second FWSM to do failover in order to limit downtime and facilitate upgrades : most of our servers are connected to the 6513 carrying this FWSM. We use the 2 standard virtual contexts of the FWSM, both in transparent mode, 8 bridged vlans on one, 2 bridged vlans on the second. In the release notes of 3.1.11 I however read under Open Caveats CSCm73157 : Failover is not working in transparent mode... Anyone has experience with FWSM failover in transparent mode ? Does this really doesn't work ? Does it work under 3.2 or 4.0 ? Any info would be appreciated before we invest more than 15K Euros... Wim Holemans Netwerkdienst Universiteit Antwerpen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] FWSM failover transparent mode
6748s here. The customer was considering VSS but it didn't/doesn't support FWSM and ACE. So, he's stuck for a bit. tv - Original Message - From: Eric Cables [EMAIL PROTECTED] To: Holemans Wim [EMAIL PROTECTED] Cc: cisco-nsp@puck.nether.net Sent: Friday, September 05, 2008 11:58 AM Subject: Re: [c-nsp] FWSM failover transparent mode Not to hijack this thread, but what modules are you using for server connectivity in your 6513? We deployed some 6513s as SF switches long ago (bad decision), and are now swapping them out with the 6509-E chassis due to the need for additional performance (6748s in all slots). -- Eric Cables On Fri, Sep 5, 2008 at 1:35 AM, Holemans Wim [EMAIL PROTECTED] wrote: Just upgraded our FWSM to version 3.1.11 after 3 random crashes in a month. Now we are thinking about buying a second FWSM to do failover in order to limit downtime and facilitate upgrades : most of our servers are connected to the 6513 carrying this FWSM. We use the 2 standard virtual contexts of the FWSM, both in transparent mode, 8 bridged vlans on one, 2 bridged vlans on the second. In the release notes of 3.1.11 I however read under Open Caveats CSCm73157 : Failover is not working in transparent mode... Anyone has experience with FWSM failover in transparent mode ? Does this really doesn't work ? Does it work under 3.2 or 4.0 ? Any info would be appreciated before we invest more than 15K Euros... Wim Holemans Netwerkdienst Universiteit Antwerpen ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/