Cisco 6500 VSS Configuration Example

@Rene- Does this procedure is same for 6800 series switches ?

Hello Arun.

I have never implemented VSS myself on a 6800 series switch but based on my research, as long as you have a Supervisor 2T that supports VSS and the proper IOS, you can configure VSS in the same manner on both the 6500 and the 6800.

I hope this has been helpful!

Laz

19 posts were merged into an existing topic: Cisco 6500 VSS Configuration Example

Hi,

Rene If a switch is connected to VSS enable switch ( redundant connectivity switch 1 and switch 2 ) and RSTP is running in this case
who will be the root bridge ?

Thanks

1 Like

Hi team

what is the dual-active detection concept ?
To achieve dual active detection - do we need to have separate link between both VSS chassis OR it is part of VSL ?

Thanks

Hi Abhishek,

If your VSL fails then the standby switch can’t tell if the active switch is still there or not. If the standby switch goes active while the active switch is still there, both will be active, forwarding packets and you’ll run into issues. This is called “dual active”.

Dual-active detection is configured outside of the VSL link. There’s enhanced PAgp, BFD and Dual-Active Fast Hello Packets to use. You can use one or all three at the same time.

Cisco has a pretty good document for this:

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/vss.html#wp1063718

Rene

19 posts were merged into an existing topic: Cisco 6500 VSS Configuration Example

Is it necessary to use a port channel to configure vss?

I currently only have 2 sfps to connect two
4506-E switches

Hello Helen

The use of two or more links for the Virtual Switch Link (VSL) is only a recommendation by Cisco. It is not manditory. However, this is not recommended as VSS is designed to be a high availability system and by having only one link, this high availability is sacrificed. It should be implemented fully realising this. Ideally, you should purchase an additional module to implemente multiple links.

I hope this has been helpful!

Laz

1 Like

I’m sure I’m missing something here but if I were to use VSS on 2 layer 3 4500 chassis and wanted to connect a access switch to the VSS pair would I use a regular port channel to connect to the VSS pair from the access switch or is there an actual multi-chassis Ethernet port configuration I would need to configure between the access switch and the VSS pair? I’m just a bit confused as to what configuration I need to connect multiple access layer switches to the VSS pair. I’ve been trying to research it but am pretty confused about the topic as I’m not able to see a straight forward answer. Any clarification would be helpful.

Hello Jason

There is no special configuration that you need to apply to the access switch that connects via etherchannel to the VSS pair. From the point of view of the access switch, the etherchannel that is being configured would be exactly the same whether both (or all) links are connected to the same physical switch or if they are connected to both members of the VSS pair. The special configuration would be applied on the VSS pair side.

Take a look at the following Cisco documentation that describes such a configuration:


I hope this has been helpful!

Laz

1 Like

Hey, you mentioned that NSF and SSO don’t have to be configured but Cisco documentation says otherwise: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/vss.html#wp1130268 “Configure SSO and NSF on each chassis”

Do I miss something here, or it’s something new that you aren’t familiar with?

Hello Inon

Yes, you are correct that according to Cisco documentation, both SSO and NSF are necessary in order for VSS to function. Rene doesn’t mention in the lesson that they don’t have to be configured, but mentions them as features and explains what they do. In any case, I will ask Rene to take a look and to make any clarifications necessary to the lesson to avoid confusion.

Thanks for bringing this up!

Laz

In the VSS lesson there was a mention that not all ports are compatible for VSL, is there a reason for this? If anyone has an explanation or an article that I can read I would be very grateful.

Hello Justin

VSS requires that VSLs are configured on 10Gbps ports only. Not only this, but these ports must either be on the supervisor itself or on one of several switching modules. You can find more info about this at the following Cisco documentation:

Look at the section titled “VSL Hardware Requirements”.

Now the reason that only specific ports can be used is because the requirements of the VSL are very specific. A VSL link has the following characteristics:

  • The VSL gives control traffic higher priority than data traffic so that control messages are never discarded.
  • When a VSL is configured, all existing configurations are removed from the interface except for specific allowed commands
  • When VSL is configured, the system puts the interface into a restricted mode. This means that only specific configuration commands can be configured on the interface.

All of these restrictions and limitations are there in order to ensure that the link created between the two switches is sufficient to provide the necessary communication for VSS to function.

I hope this has been helpful!

Laz

Ethernet port can be
located on the supervisor engine module or on one of the following switching modules:
• WS-X6708-10G-3C or WS-X6708-10G-3CXL
• WS-X6716-10G-3C or WS-X6716-10G-3CXL
• WS-X6716-10T-3C or WS-X6716-10T-3CXL

1 Like

Hi,

In the case that I have to replace a switch on a production stack, should I care to erase the startup-config on the “new switch”( that maybe has been used for lab enviroment ) .
Does a switch configuration is a better criteria then uptime of the master? and does the same criteria used for other brands?

Thank you

Hello Giovanni

If you are talking about replacing one of the switches from a VSS configuration, there is a very specific procedure that must be used which is described in this Cisco documentation:


It is possible to minimize downtime by following this procedure, but it’s a good idea to do it in a maintenance window as there will be some downtime during the replacement process.

Now if you’re talking about replacing a switch from a Stackwise stack, and the new switch is the same model and IOS as the one it is replacing, then the configuration will automatically join the stack and inherit the config of the old switch. But it is always a good idea to first configure the switch number you want before you replace it.

In both cases, it’s a good idea to erase the startup config and start fresh, as this will ensure that no residual configurations can interfere with the configuration that you want.

I hope this has been helpful!

Laz

HI,
Thanks for the reply,

I know that Is a best practice to erase the startup-config but I want to be sure about priority criteria of the stack configuration.

This is what Rene said:

  • User priority
  • HW - SW priority
  • Default conf
  • Uptime
  • MAC

Really a configuration on the SW is a better criteria than the uptime of the master?

In the case that I don’t know if the new sw has been erased or not (and I’m hurry to replace it), do I have to care to check before the configuration?
Can a deprecated configuration on the new SW compromise all my stack?

Thank you

Hello team,

I have a question. In which cases does packets go through the virtual link?

Thanks

Hello Giovanni

For argument’s sake, let’s say you have the following scenario:

A stack of four switches is functioning, and one of those switches fails. You have a switch in storage that happens to be the same model and IOS as the rest of the switches. You don’t know what configuration it has, but you add it to the stack. Let’s assume that user priority on all switches is set to the default and is the same.

Here’s what happens:

  1. User priority is the same so this criteria is ignored.
  2. Hardware/software priority is ignored as well, since the switches and IOS are exactly the same.
  3. If the new switch has a default config (same as erasing any current configuration) then it will lose the election, because the other switches in the stack don’t have a default config (we know this since they are already functioning). If the new switch doesn’t have a default config, the criteria is ignored.
  4. The switch with the longest uptime is definitely not the new switch, since you just connected it, so the new switch loses the election.

So you see, the new switch will never win criterion number 3 (default config) because the already stacked switches will never have a default config. Nor will it win criterion 4 because it has just been powered on.

However, if you shut down the stack, connect the new switch and it doesn’t have a default config, and you power them all on again, then criteria 3 and 4 will be tied, so it will ultimately go to criteria 5, the MAC address, which is something that should never happen if you can help it! You should never do this, because stackwise is hot swappable, and it is designed to have switches added while powered on. This will ensure that elections take place correctly.

Having said all of this, it is always best practice, as you know, to manually configure the user priority so that the appropriate switch becomes the master. That way you don’t have to worry about evaluating which criterion will win in the election.

I hope this has been helpful!

Laz

1 Like