Best Practice Design for Campus Networks
Steve Emert, Avaya
Keith Nuehring, City of Cedar Rapids
#AvayaATF

City of Cedar Rapids Fabric Connect Case Study

Agenda
Campus Best Practices Design with Fabric Connect
- Deploying Fabric Connect in the Campus
- Design Options with Compact Form Factor Switches
- Capabilities to Ease Integration with Conventional Networks
- Models to Extend the Fabric to the Wiring Closet Edge

City of Cedar Rapids, Iowa case study
Keith Nuehring, IT Operations Manager, City of Cedar Rapids
- Cedar Rapids network before SPB and Fabric Connect
- Considerations and the decision to move to Fabric Connect
- Network Redesign Goals and Objectives
- Planning and Staging the Network Cutover
- Cutover Weekend
- Observations and Lessons Learned
First… the sales pitch… not that you haven’t heard it before!

Use Fabric Connect! Whether a small/medium enterprise, large campus network, or a campus network that is distributed across a city or even a larger geography.

Why?
- It will make your life easier
- It will free up your time and your staff’s time to work on more strategic projects
- It will allow you to support new initiatives improving your business – improve time to service
- It will help simplify your efforts to maintain PCI DSS or other security compliance requirements or regulations
- It will save you time and money in operational expenditures
What SPB Network services to use, and where …

IP Shortcuts (GRT Route Redistribution to ISIS)
- One-hop IP routing across the fabric
- Eliminates “transit” IP Subnets, simplifying the routing table
- Enhances security – end users cannot determine “core” routers by workstation Traceroute
- Typical Uses
  - Simplest migration from conventional IP routed network to Fabric Connect
What SPB Network services to use, and where …

Layer 3 VSNs
- Multiple isolated/segregated IP routed networks within a single fabric infrastructure
- More efficient than conventional VRFs with a single instance of the routing protocol (ISIS for SPB), single LSDB with info for all VRFs
- Typical Uses
  - Fully routed private networks for security segregation/isolation
  - PCI DSS, IP Video surveillance networks, SCADA or HVAC
  - Mergers and acquisitions, partnerships – duplicated IP addresses are allowed
Establish a consistent, understandable and useful naming/numbering system
- Backbone VLAN IDs 4051 and 4052 – per informational RFC
- System IDs – 00xx.xxxx.xx00
  - Stay away from first two hex digits and last two hex digits
  - Building or network . Subnet or other identifier . Switch number in location
  - Example: 0001.07a1.0100
- Nick-Names (ISIS Source Address) – x.xx.xx
  - Base it on the System ID for ease of correlation
  - Example: 1.a1.01
- System names (CLI Prompt names)
  - Meaningful, avoid special characters – make it easy to type!
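A small audit of the numbering plan above, added here as an example and not taken from the presentation: it checks each System ID against the 00xx.xxxx.xx00 pattern and flags System IDs or derived nick-names that more than one switch would share. The nick-name mapping is an assumption chosen only because it reproduces the slide's pair (0001.07a1.0100 and 1.a1.01); the switch names and the inventory are constructed.

```python
import re
from collections import defaultdict

SYSID_RE = re.compile(r"^[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}$")

def check_system_id(system_id):
    """Return the convention violations for one System ID (empty list if none)."""
    sid = system_id.lower()
    if not SYSID_RE.match(sid):
        return ["not in hhhh.hhhh.hhhh form"]
    digits = sid.replace(".", "")
    problems = []
    if digits[:2] != "00":
        problems.append("first two hex digits are not 00")
    if digits[-2:] != "00":
        problems.append("last two hex digits are not 00")
    return problems

def derive_nickname(system_id):
    """Assumed mapping: low nibble of the building byte, low byte of the
    identifier, then the switch number (0001.07a1.0100 -> 1.a1.01)."""
    d = system_id.lower().replace(".", "")
    return f"{d[3]}.{d[6:8]}.{d[8:10]}"

def audit(inventory):
    """inventory maps system name -> System ID; returns name -> findings."""
    findings = defaultdict(list)
    by_sysid, by_nick = defaultdict(list), defaultdict(list)
    for name, sid in inventory.items():
        problems = check_system_id(sid)
        findings[name].extend(problems)
        if problems and problems[0].startswith("not in"):
            continue  # malformed ID: nothing to derive or compare
        by_sysid[sid.lower()].append(name)
        by_nick[derive_nickname(sid)].append(name)
    for label, index in (("System ID", by_sysid), ("nickname", by_nick)):
        for value, names in index.items():
            for n in names if len(names) > 1 else []:
                others = sorted(set(names) - {n})
                findings[n].append(f"{label} {value} shared with {others}")
    return dict(findings)

# Constructed inventory: dc1 uses building 0x11, whose low nibble matches csc1.
SAMPLE = {"csc1": "0001.07a1.0100", "csc2": "0001.07a1.0200",
          "dc1": "0011.07a1.0100", "lab1": "0201.0001.0101"}

if __name__ == "__main__":
    for name, issues in audit(SAMPLE).items():
        print(name, issues or "ok")
```

The dc1 finding shows why a shortened nick-name needs its own uniqueness check: two distinct System IDs can collapse to the same value once digits are dropped.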
Capabilities to Ease Integration with Conventional Networks

Current capabilities
- Split BEB for SMLT compatibility
- 802.1Q tagged interfaces to non-SPB switches
- Transparent UNI
- Route redistribution between ISIS/SPB and other IGPs

Upcoming capabilities
- Virtual IST
- Fabric Attach
- Fabric Connect over IP SFP Adapter
Cedar Rapids Network before SPB and Fabric Connect
- Many device types – ERS 8300, ERS 5530, ERS 4548, ERS 2526, SR 1004, SR 3120
- With three primary locations, SMLT (two-switch cluster) didn’t really fit well
- ERS 5530’s required at least annual reboot to maintain stability
- Maintained a Spanning Tree ring to support smaller venues within the City
Considerations and the Decision to move to Fabric Connect
- Should we stay with Avaya or move to another vendor?
  - Nortel’s Chapter 11
  - Uncertainty over whether Avaya would continue to support and expand the networking business acquired with Nortel Enterprise Solutions
  - Concerns with technical support after Avaya’s NES acquisition
- Concerns with stability and product life of existing equipment
  - ERS 8300
  - ERS 5530
- Attended ATF Orlando February 2012
  - Came away from first ATF with decision to implement SPB
- New network in conjunction with new City Services Center
- Upgrade from 1Gigabit to 10Gigabit City-wide network
- Increase network resilience – target of milliseconds, not seconds
- Consolidate Layer 3 routing into three main sites
- Reduce number of device types to support

From …
- ERS 8300 and ERS 5500 both performing IP routing
- ERS 4000 series and ERS 2500 series edge switching
- Different platforms, different capabilities, different CLIs

To …
- VSP 7000 SPB Fabric Switches and IP Routing
- ERS 4000 series and ERS 3500 series edge switching
Considerations in selecting the network products to use
- Large chassis switches not practical for City of Cedar Rapids
- VSP 7000 – 10 Gigabit switching, SPB Fabric, but no simultaneous SPB Fabric and IP Routing
- VSP 4000 – Limited number of 10 Gigabit interfaces, semi-external USB flash, does have IP Shortcut Routing
- Selected VSP 7000 both for SPB Switching Fabric and for IP Routing external to the SPB Fabric

Network design
- Three-site mesh topology with all links active
- NetApp storage and servers sync between sites across L2 VSN
Training and Staging
- Used to-be live equipment for on-site hands-on training for staff
- Pre-built and tested entire network in City Services Center lab
- Moved pre-configured equipment from City Services Center lab to final location
- Plan and document all steps, label all cables
- Walk through migration steps in a dry run to test procedures
- With single-strand BX optics, could bring up basics of new network simultaneously with old network for easing the migration
- Proactively open up Avaya Support case, have support engineer review plan and configurations before cutover

Problems? … a few …
- PVID set wrong on a switch
- Missed moving a cable, caused a routing loop
- VSP 7000 in Involta Data Center random rebooting
SPB resiliency works
- One optic failed some time after cutover and the NNI was bouncing
  - No visible effect to users – even while link was bouncing for 2-1/2 hours
  - Simply disabled link over weekend until optic could be changed the next Monday
- Proved during cutover that even with a VSP 7000 failing, the alternate switch and path would work to maintain the network
  - VSP 7000 that was rebooting was one of two switches connecting the NetApp storage!

Simplified IP routing by consolidating into VSP 7000’s with VRRP
- Standardized on Direct and Static routing and VRRP

Single CLI syntax on VSP 7000, ERS 4000, ERS 3500 is nice

Was it worth making the change?