
Virtual Switching System (VSS)
on the Catalyst 6500
March 2008

Lila Rousseaux
Consulting Systems Engineer
lroussea@cisco.com CCIE #6899

Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 1
Agenda
• Introduction to VSS
• Virtual Switching Architecture
• Etherchannel Concepts
• Hardware Requirements
• Conversion Process
• Operational Management
• High Availability
• Quality of Service

Current Network Challenges
Enterprise Campus
Traditional Enterprise Campus deployments have been designed in such a way that allows for
scalability, differentiated services and high availability. However they also face many
challenges, some of which are listed in the below diagram…

L3 Core: Extensive routing topology, Routing reconvergence
L2/L3 Distribution: FHRP, STP, Asymmetric routing, Policy Management
Access: Single active uplink per VLAN (PVST), L2 reconvergence


Current Network Challenges
Data Center
Traditional Data Center designs are requiring ever increasing Layer 2 adjacencies between
Server nodes due to prevalence of Virtualization technology. However, they are pushing the
limits of Layer 2 networks, placing more burden on loop-detection protocols such as Spanning
Tree…

L2/L3 Core: FHRP, HSRP, VRRP, Spanning Tree, Policy Management
L2 Distribution: Single active uplink per VLAN (PVST), L2 reconvergence, excessive BPDUs
L2 Access: Dual-Homed Servers to single switch, Single active uplink per VLAN (PVST), L2 reconvergence


Virtual Switching System
Introduction
Virtual Switching System is a new technology breakthrough for the Catalyst 6500 family…


Virtual Switching System
Enterprise Campus
A Virtual Switch-enabled Enterprise Campus network takes on multiple benefits including
simplified management & administration, facilitating greater high availability, while maintaining
a flexible and scalable architecture…

L3 Core: Reduced routing neighbors, Minimal L3 reconvergence
L2/L3 Distribution: No FHRPs, No Looped topology, Policy Management
Access: Multiple active uplinks per VLAN, No STP convergence


Virtual Switching System
Data Center
A Virtual Switch-enabled Data Center allows for maximum scalability so bandwidth can be
added when required, but still providing a larger Layer 2 hierarchical architecture free of
reliance on Spanning Tree…

L2/L3 Core: Single router node, Fast L2 convergence, Scalable architecture
L2 Distribution: Dual Active Uplinks, Fast L2 convergence, minimized L2 Control Plane, Scalable
L2 Access: Dual-Homed Servers, Single active uplink per VLAN (PVST), Fast L2 convergence


Virtual Switching System
What is a VSS?



Virtual Switching System
Control Plane
While the Data Planes in both switches are active, only one switch has an active control plane - hence
there is only one management point from which to manage the Virtual Switching System…



Virtual Switching System
Data Plane
The Data Planes in both switches are active - hence each has a full copy of the forwarding tables and
Security/QOS policies in hardware such that each can make a fully informed local forwarding decision…



Virtual Switching System
Virtual Switch Link
The Virtual Switch Link is a special link joining each physical switch together - it extends the out of band
channel allowing the active control plane to manage the hardware in the second chassis…



Virtual Switching System
Multi Chassis Etherchannel
Virtual Switching System introduces new connectivity options such as Multichassis EtherChannel…



Virtual Switching System
Inter Chassis NSF/SSO

Virtual Switch Architecture
Virtual Switch Link
The Virtual Switch Link is a special link joining each physical switch together - it extends the out
of band channel allowing the active control plane to manage the hardware in the second
chassis…



Virtual Switch Architecture
VSL Initialization
Before the Virtual Switch domain can become active, the Virtual Switch Link (VSL) must be
brought online to determine Active and Standby roles. The initialization process essentially
consists of 3 steps:

1 Link Bringup to determine which ports form the VSL
2 Link Management Protocol (LMP) used to track and reject Unidirectional Links, Exchange Chassis ID and other information between the 2 switches
3 Role Resolution Protocol (RRP) used to determine compatible Hardware and Software versions to form the VSL as well as determine which switch becomes Active and Hot Standby from a control plane perspective

Virtual Switch Architecture
Link Bringup
Each member of the Virtual Switch domain must determine which links are candidates for the VSL
very early on in the bootup cycle. The Switch Processor (SP) pre-parses the configuration to
determine which links are configured for VSL…

Switch 1: Pre-Parse Config
Switch 2: Pre-Parse Config

The SP will then bring up the line card/s where the VSL is configured, download the required
configuration and initiate Link Management Protocol (LMP)

Virtual Switch Architecture
Link Management Protocol (LMP)
LMP runs on each individual link that is part of the VSL, and is used to program information
such as member details, forwarding indices, as well as perform the following checks:

1 Verify neighbor is Bi-Directional
2 Ensure the member is connected to another Virtual Switch
3 Transmit and receive keepalives to maintain health of the member and the VSL

After successful LMP negotiation, a Peer Group (PG) is formed which is a collection of all VSL
members that connects to the same VS. For each PG, a Peer Group Control Link (PGCL) is
elected to carry further control information…



Virtual Switch Architecture
Role Resolution Protocol (RRP)

RRP is used to negotiate the role (active or standby) for each chassis:

1 Determine whether hardware and software versions allow a Virtual Switch to form
2 Determine which chassis will become Active and Hot Standby from a control plane
perspective



Virtual Switch Architecture
VSL Configuration Consistency Check
After the roles have been resolved through RRP, a Configuration Consistency Check is
performed across the VSL switches to ensure proper VSL operation. The following items are
checked for consistency:

Switch Virtual Domain ID
Switch Virtual Node Type
Switch Priority
Switch Preempt
VSL Port Channel Link ID
VSL Port state, interfaces…
Power Redundancy mode
Power Enable on VSL cards

Note that if configurations do not match, the standby switch will revert to RPR mode,
disabling all non-VSL interfaces…

Virtual Switch Architecture
VSLP Ping
A new Ping mechanism has been implemented in VSS mode to allow the user to objectively
verify the health of the VSL itself. This is implemented as a VSLP Ping…


The VSLP Ping operates on a per-physical interface basis and parameters such as COUNT,
DESTINATION, SIZE, TIMEOUT may also be specified…

vss#ping vslp output interface tenGigabitEthernet 1/5/4

Type escape sequence to abort.
Sending 5, 100-byte VSLP ping to peer-sup via output port 1/5/4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/12/16 ms
vss#


Virtual Switch Architecture
Forwarding Operation
In Virtual Switch Mode, while only one Control Plane is active, both Data Planes (Switch
Fabrics) are active, and as such, each can actively participate in the forwarding of data…

Virtual Switch Domain:
Switch 1 - Control Plane Active, Data Plane Active
Switch 2 - Control Plane Hot Standby, Data Plane Active


Virtual Switch Architecture
Virtual Switch Domain
A Virtual Switch Domain ID is allocated during the conversion process and represents the
logical grouping of the 2 physical chassis within a VSS. It is possible to have multiple VS
Domains throughout the network…

[Figure labels: VS Domain 10, VS Domain 20, VS Domain 30]

The configurable values for the domain ID are 1-255. It is always recommended to use a unique
VS Domain ID for each VS Domain throughout the network…


Virtual Switch Architecture
Router MAC Address
In a standalone Catalyst 6500 system, the router MAC address is derived from the Chassis
MAC EEPROM and is unique to each Chassis. In a Virtual Switch System, since there is only a
single routing entity now, there is also only ONE single router MAC address…

Router MAC = 000f.f8aa.9c00

The MAC address allocated to the Virtual Switch System is derived from the MAC EEPROM of
the Active Virtual Switch upon initial system bring up. Regardless of either switch being
brought down or up, the same MAC address will be retained such that neighboring network
nodes and hosts do not need to re-ARP for a new address.

Etherchannel Concepts
An Etherchannel combines multiple physical links into a single logical link. Ideal for load
sharing or link redundancy – can be used by both Layer 2 and Layer 3 subsystems…

Physical View: Multiple ports are defined as being part of an Etherchannel group
Logical View: Subsystems running on the switch only see one logical link

An Etherchannel can be defined on Ethernet, Fast Ethernet, Gigabit Ethernet or 10 Gigabit
Ethernet Ports

Etherchannel Concepts
Traffic Distribution and Hashing

• The distribution of traffic across the members of the Etherchannel is done through
different hash schemes.
• With the PFC3C running 12.2(33)SXH software, there are 13 possible different hash
schemes to choose from:

• Selection of the hash scheme of choice is largely dependent on the traffic mix
through the EtherChannel
• The hash scheme may only be selected on a global basis.

Etherchannel Concepts
Multichassis EtherChannel (MEC)
Prior to VS, Etherchannels were restricted to reside within the same physical switch.
In a Virtual Switch environment, Etherchannels can now also be extended across the 2
physical chassis…
As a result, MECs allow for new network designs to be implemented where true Layer 2
multipathing can be implemented without the reliance on protocols such as Spanning Tree.

Both LACP and PAGP Etherchannel protocols and Manual ON modes are supported…

[Figure panels: Regular Etherchannel on single chassis; Multichassis EtherChannel across 2 VSL-enabled Chassis]

Etherchannel Concepts
Multichassis EtherChannel
Support for Etherchannel management is performed by the Control plane on the Active Switch
in the Virtual Switch Domain…

[Figure labels: Standby Control Plane, Active Control Plane]

• MEC links on both the switches in the VS domain are managed by PAgP or LACP
running on the Active Switch via internal control messages.
• PAgP or LACP packets destined to a MEC link on the standby core will be sent
across VSL


Etherchannel Concepts
Etherchannel Hash for MEC
Deciding on which link of a Multi-chassis Etherchannel to use in a Virtual Switch is skewed in
favor of local links in the bundle - this is done to avoid overloading the Virtual Switch
Link (VSL) with unnecessary traffic loads…

[Figure labels: Switch 1, Switch 2, Link A1, Link B2, Server]
Blue Traffic destined for the Server will result in Link A1 in the MEC link bundle being chosen as the destination path…
Orange Traffic destined for the Server will result in Link B2 in the MEC link bundle being chosen as the destination path…

Etherchannel Concepts
Etherchannel Hash for MEC
The Result Bundle Hash (RBH) values are reprogrammed for each core to reflect only the local
links that are in the Etherchannel bundle…

[Figure labels: Switch 1, Switch 2, Virtual Switch, MEC, Access-SW A, Access-SW B, links 1-8]

RBH     RBH (No MEC)             RBH (for MEC)
        8 Link Bundle Example    8 Link Bundle Example
Bit 7   Link 1                   Link 1
Bit 6   Link 2                   Link 1
Bit 5   Link 3                   Link 2
Bit 4   Link 4                   Link 2
Bit 3   Link 5                   Link 3
Bit 2   Link 6                   Link 3
Bit 1   Link 7                   Link 4
Bit 0   Link 8                   Link 4

Etherchannel Concepts
Etherchannel Hash Distribution Enhancement
The existing hash distribution algorithm requires 100% of flows to be temporarily dropped
such that duplicate frames are not sent into the network for the duration of time it takes to
reprogram the port ASICs with the new member information…

RBH (for MEC), 2 Link Bundle Example
Link 1    Link 2
Flow 1    Flow 2
Flow 3    Flow 4
Flow 5    Flow 6
Flow 7    Flow 8

RBH (for MEC), 3 Link Bundle Example
Link 1    Link 2    Link 3
Flow 1    Flow 2    Flow 3
Flow 4    Flow 5    Flow 6
Flow 7    Flow 8

A new hash distribution algorithm has been introduced with the 12.2(33)SXH release which
allows for members of a port channel to be added or removed without the requirement for all
traffic on the existing members to be temporarily dropped…

Etherchannel Concepts
Etherchannel Hash Distribution Enhancement
Now, when ports are added or removed from an EtherChannel, the load result does not need to
be reset on existing member ports, resulting in better recovery times of traffic.
Hence it does not affect 100% of the traffic in an Etherchannel.
Example below: only Flow 7 and 8 are affected by the addition of an extra link to the Channel

RBH (for MEC), 2 Link Bundle Example
Link 1    Link 2
Flow 1    Flow 2
Flow 3    Flow 4
Flow 5    Flow 6
Flow 7    Flow 8

RBH (for MEC), 3 Link Bundle Example
Link 1    Link 2    Link 3
Flow 1    Flow 2    Flow 7
Flow 3    Flow 4    Flow 8
Flow 5    Flow 6

vss#conf t
Enter configuration commands, one per line. End with CNTL/Z.
vss(config)#port-channel hash-distribution adaptive
vss(config)# ^Z
vss#

Although this new load-distribution algorithm requires configuration for regular EtherChannel
and Multi-Chassis EtherChannel (MEC) interfaces, it will be the default load-distribution
algorithm used on the VSLs

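Added example (not part of the original deck, and not Cisco's hardware algorithm): a small Python model that reproduces the RBH table from the "Etherchannel Hash for MEC" slide and the flow tables from the two "Hash Distribution Enhancement" slides, so the set of flows that change member link can be computed for each scheme. The function names, the round-robin layout and the donor-selection rule in adaptive_add_link are assumptions chosen only to match the slide tables.

```python
"""Toy model of EtherChannel bucket-to-link tables (added example)."""

BUCKETS = 8  # the slides show 8 RBH values (Bit 7 .. Bit 0) and 8 sample flows


def local_rbh_table(local_links):
    """Map RBH bits 7..0 onto one chassis' local links in contiguous blocks.

    With 8 links every bit gets its own link (the "No MEC" column); with the
    4 links that are local to one chassis each link owns two bits (the
    "for MEC" column), so no RBH value points across the VSL.
    """
    n = len(local_links)
    return {7 - i: local_links[i * n // BUCKETS] for i in range(BUCKETS)}


def fixed_distribution(links):
    """Recompute every flow's member link from scratch (round-robin).

    Matches the 2-link and 3-link tables on the first enhancement slide.
    The deck states that with this scheme all flows are dropped while the
    port ASICs are reprogrammed, whichever flows end up on a new link.
    """
    return {flow: links[(flow - 1) % len(links)]
            for flow in range(1, BUCKETS + 1)}


def adaptive_add_link(current, new_link):
    """Add a member link while leaving existing assignments in place.

    Only the new member's fair share of flows is moved, one at a time, from
    whichever existing member currently carries the most flows (assumed rule).
    """
    table = dict(current)
    members = sorted(set(table.values()))
    share = BUCKETS // (len(members) + 1)
    for _ in range(share):
        load = {m: [f for f, link in table.items() if link == m]
                for m in members}
        donor = max(members, key=lambda m: len(load[m]))
        table[max(load[donor])] = new_link
    return table


def moved_flows(before, after):
    """Flows whose member link differs between two tables."""
    return sorted(f for f in before if before[f] != after[f])


if __name__ == "__main__":
    two = fixed_distribution(["Link 1", "Link 2"])
    three_fixed = fixed_distribution(["Link 1", "Link 2", "Link 3"])
    three_adaptive = adaptive_add_link(two, "Link 3")
    print("remapped, fixed   :", moved_flows(two, three_fixed))
    print("remapped, adaptive:", moved_flows(two, three_adaptive))
    print("local RBH table   :",
          local_rbh_table(["Link 1", "Link 2", "Link 3", "Link 4"]))
```
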
Etherchannel Concepts
Determination of Hash Result
A command can be invoked to allow users to determine which physical link a given flow of
traffic will leverage within a port channel group.
The user will need to provide inputs to the command and the hashing algorithm will compute
the physical link that will be selected for the traffic mix and algorithm.

vss#sh etherchannel load-balance hash-result interface port-channel 120 ip 192.168.220.10 192.168.10.10

Computed RBH: 0x4
Would select Gi1/2/1 of Po120


Virtual Switching System
Deployment Considerations
VSS will incorporate some deployment considerations as best practice…

Virtual Switching System
VSL Hardware Considerations
The Virtual Switch Link requires special hardware as noted below…



Virtual Switching System
Other Hardware Considerations



Virtual Switching System
Software Considerations
Along with the hardware considerations, Virtual Switching System also has some software
considerations…

12.2(33)SXH1 is the first version that supports VSS



Hardware Requirements
Distributed Forwarding Cards
Distributed Forwarding Cards (DFCs) improve the performance of the Catalyst 6500 by offloading the
lookup processing from the PFC to the ingress linecard. Only DFC3C or DFC3CXL is supported in a Virtual
Switch domain. If DFCs are not used on CEF720 modules, a Centralized Forwarding Card (CFC) must be
installed in its place…

Note that if a lower revision DFC (3A, 3B or 3BXL) is used in a VSL domain, the
system will fall to a lowest common denominator mode which will not allow
support for VSL…


Catalyst 6500 Supervisors
PFC3A vs. PFC3B vs. PFC3C

Sup/Feature PFC3A PFC3B PFC3B-XL PFC3C PFC3C-XL


Supervisor Sup720 Sup720 / Sup720 Sup720-10GbE Sup720-
Sup32 10GbE
SW 12.2(17)SXB 12.2(17)SXB / 12.2(17d)SXB1 12.2(33)SXH 12.2(33)SXH
12.2(18)SXF 12.2(33)SXH
FIB TCAM 256K 256K 1M 256K 1M
Adjacency Table 1M 1M 1M 1M 1M
NetFlow Table 128K (64K) 128K (115K) 256K (230K) 128K (115K) 256K(230K)
MAC Table 64K (32K) 64K (32K) 64K (32K) 96K(80K) 96(80K)
IPv6 FIB Entries 128K 128K 500K 128K 500K
Native MPLS No Yes Yes Yes Yes
EoMPLS No Yes Yes Yes Yes
ACE Counters No Yes Yes Yes Yes
ACL Labels 512 4K 4K 4K 4K
VSL No No No Yes Yes

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/product_data_sheet09186a0080159856_ps4835_Products_Data_Sheet.html
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps9336/product_data_sheet0900aecd806ed759.html
Conversion Process
Conversion to VSS
The conversion process requires configuration of both switches that will form part of the
Virtual Switch Domain and requires a reboot on the part of both switches during the
conversion…

• It is recommended to have the interfaces forming the VSL be connected prior to the
conversion process as it will minimize the number of times the chassis will be reloaded.
• It is also recommended to begin the conversion process using a default configuration as
the conversion process will remove any previous configuration that pre-exists on the
standalone chassis.

Conversion Process
Conversion to VSS
For the purposes of this explanation - let’s assume the following setup is required…

Switch - 1: T5/4 and T5/5 in Port-Channel 1
Switch - 2: T5/4 and T5/5 in Port-Channel 2
VSL Link Bundle between Switch - 1 and Switch - 2
Switch Virtual Domain #10


Conversion Process
Step 1: Configure Virtual Switch ID and Domain
On the two switches, configure the same VS Domain number (in this case it is 10), but
unique Switch IDs

Switch - 1
Router(config)#host VSS
VSS(config)#switch virtual domain 10
Domain ID 10 config will take effect only
after the exec command 'switch convert mode virtual' is issued
VSS(config-vs-domain)#switch 1
VSS(config-vs-domain)#exit

Switch - 2
Router(config)#host VSS
VSS(config)#switch virtual domain 10
Domain ID 10 config will take effect only
after the exec command 'switch convert mode virtual' is issued
VSS(config-vs-domain)#switch 2
VSS(config-vs-domain)#exit

Note: The Domain ID is retained in the configuration, but the Switch ID is not – this is stored as a
variable in ROMMON. To see this value:



Conversion Process
Step 2: VSL Configuration – Configure the VSL Port
Channel and member ports
Choose unique Port Channel IDs for each chassis to form the VSL and configure them
with the corresponding Switch ID
Add the ports on each switch to the port channel that corresponds to the respective
side of the VSL

Switch - 1
VSS(config)#interface port-channel 1
! Associates Switch 1 as owner of port channel 1
VSS(config-if)#switch virtual link 1
VSS(config-if)#interface range tenG 5/4 - 5
! Adds this interface to channel group 1
VSS(config-if-range)#channel-group 1 mode on

Switch - 2
VSS(config-if)#interface port-channel 2
! Associates Switch 2 as owner of port channel 2
VSS(config-if)#switch virtual link 2
VSS(config-if)#interface range tenG 5/4 - 5
! Adds this interface to channel group 2
VSS(config-if-range)#channel-group 2 mode on


Conversion Process
Step 3: Convert to Virtual Switch Mode
Convert both switches to Virtual Switch mode using the following exec command:

Switch - 1
vss#switch convert mode virtual

This command will convert all interface names to naming convention "interface-type
switch-number/slot/port", save the running config to startup-config and reload the switch.
Do you want to proceed? [yes/no]: yes
Converting interface names
Building configuration...
[OK]
Saving converted configuration to bootflash: ...
Destination filename [startup-config.converted_vs-20071031-150039]?

AT THIS POINT THE SWITCH WILL REBOOT

Switch - 2
vss#switch convert mode virtual

This command will convert all interface names to naming convention "interface-type
switch-number/slot/port", save the running config to startup-config and reload the switch.
Do you want to proceed? [yes/no]: yes
Converting interface names
Building configuration...
[OK]
Saving converted configuration to bootflash: ...
Destination filename [startup-config.converted_vs-20071031-150018]?

AT THIS POINT THE SWITCH WILL REBOOT


Conversion Process
When the two switches are brought online, they will proceed with VSL initialization and bring
up their respective VSL ports.
The two switches communicate with each other and determine Active and Standby role.

Switch - 1
SWITCH CONSOLE OUTPUT
<…snip…>
System detected Virtual Switch configuration...
Interface TenGigabitEthernet 1/5/4 is member of PortChannel 1
Interface TenGigabitEthernet 1/5/5 is member of PortChannel 1
<…snip…>
00:00:26: %PFREDUN-6-ACTIVE: Initializing as ACTIVE processor for this switch
Initializing as Virtual Switch ACTIVE processor
<…snip…>
00:01:19: %VSLP-5-RRP_ROLE_RESOLVED: Role resolved as ACTIVE by VSLP
00:01:19: %VSL-5-VSL_CNTRL_LINK: New VSL Control Link 5/4

Switch - 2
SWITCH CONSOLE OUTPUT
<…snip…>
System detected Virtual Switch configuration...
Interface TenGigabitEthernet 2/5/4 is member of PortChannel 2
Interface TenGigabitEthernet 2/5/5 is member of PortChannel 2
<…snip…>
00:00:26: %PFREDUN-6-ACTIVE: Initializing as ACTIVE processor for this switch
Initializing as Virtual Switch STANDBY processor
<…snip…>
00:01:02: %VSLP-5-RRP_ROLE_RESOLVED: Role resolved as STANDBY by VSLP
00:01:02: %VSL-5-VSL_CNTRL_LINK: New VSL Control Link 5/4

Conversion Process
Step 4: Finalize Virtual Switch Configuration

This command will get the VSL related commands from the Standby Switch and update the
startup-configuration with the new merged configurations
Note that only VSL-related configurations are merged with this step – all other configuration
will be lost and requires manual intervention.
This step is only applicable for a first-time conversion.

Switch - 1
SWITCH CONSOLE OUTPUT

<…snip…>
vss-demo#switch accept mode virtual

This command will populate the above VSL configuration from the standby switch into the
running configuration.
The startup configuration will also be updated with the new merged configuration if merging
is successful.
Do you want to proceed? [yes/no]: yes
Merging the standby VSL configuration...

Building configuration...

00:11:33: %PFINIT-SW1_SP-5-CONFIG_SYNC: Sync'ing the startup configuration to the standby Router. [OK]


Conversion Process
Conversion to VSS
Configuration for the conversion takes the following path…

Switch - 1
vss#sh switch virtual
Switch mode                  : Virtual Switch
Virtual switch domain number : 10
Local switch number          : 1
Local switch operational role: Virtual Switch Active
Peer switch number           : 2
Peer switch operational role : Virtual Switch Standby
vss-demo#

Switch - 2
vss-sdby>en
Standby console disabled

vss-sdby>

Both switches are now converted with Switch 1 as the Master (Active) and Switch 2 as the
Standby
Switch 2 console is now disabled for normal console activity…

Conversion Process
Boot-up Priority
Normal operation is for the first switch to boot to assume the VS Active role - this behavior can be
changed, allowing a predefined switch to assume the Active role by specifying a priority (higher
priority uses a higher number)…

VSS#sh switch virtual role

Switch  Switch  Status  Preempt     Priority    Role     Session ID
        Number          Oper(Conf)  Oper(Conf)           Local  Remote
------------------------------------------------------------------
LOCAL   1       UP      FALSE(N)    110(110)    ACTIVE   0      0
REMOTE  2       UP      FALSE(N)    100(100)    STANDBY  9114   1391


Switch Preemption
• Once the active and standby roles have been determined, they cannot be changed
without manual intervention
• If we need to always prefer a particular physical switch to assume the Virtual Switch
Active role, then we can leverage the Switch Preemption feature.
• Please Note: Use this feature with caution since preemption is not advisable in most
designs. The SSO behavior requires that, in order for switch 1 to become active,
switch 2 will have to reboot to come up in standby mode. So unlike HSRP preemption,
where we have reasons to preempt and we have very little impact to active
traffic flows, in the VSS case there is no reason to move the active role (and we do
suffer from a full reboot of one of the two switches)

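Added example (not part of the original deck): a Python check over "show switch virtual role" output that flags the conditions the Boot-up Priority and Switch Preemption slides discuss, namely roles that are not exactly one ACTIVE and one STANDBY, a switch that is not UP, preemption enabled, and an operational priority that differs from the configured one. The first sample is the output shown on the slide; the second is constructed, and its TRUE(Y) rendering is an assumption by analogy with FALSE(N).

```python
import re

# Output as shown on the "Boot-up Priority" slide.
SLIDE_OUTPUT = """\
Switch  Switch  Status  Preempt     Priority    Role     Session ID
        Number          Oper(Conf)  Oper(Conf)           Local  Remote
------------------------------------------------------------------
LOCAL   1       UP      FALSE(N)    110(110)    ACTIVE   0      0
REMOTE  2       UP      FALSE(N)    100(100)    STANDBY  9114   1391
"""

# Constructed sample (not from the deck): preemption enabled on switch 1 and
# a configured priority on switch 2 that differs from the operational value.
CONSTRUCTED_OUTPUT = """\
LOCAL   1       UP      TRUE(Y)     110(110)    ACTIVE   0      0
REMOTE  2       UP      FALSE(N)    100(120)    STANDBY  9114   1391
"""

# One data row: LOCAL/REMOTE, switch number, status, preempt oper(conf),
# priority oper(conf), role, local and remote session IDs.
ROW = re.compile(
    r"^(LOCAL|REMOTE)\s+(\d+)\s+(\S+)\s+(TRUE|FALSE)\((\w)\)\s+"
    r"(\d+)\((\d+)\)\s+(\S+)\s+(\d+)\s+(\d+)\s*$"
)


def parse_roles(text):
    """Return one dict per LOCAL/REMOTE row; header lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            rows.append({
                "switch": int(m.group(2)),
                "status": m.group(3),
                "preempt_oper": m.group(4) == "TRUE",
                "preempt_conf": m.group(5) == "Y",
                "prio_oper": int(m.group(6)),
                "prio_conf": int(m.group(7)),
                "role": m.group(8),
            })
    return rows


def audit_roles(text):
    """Return a list of findings; an empty list means nothing was flagged."""
    rows = parse_roles(text)
    findings = []
    roles = sorted(r["role"] for r in rows)
    if roles != ["ACTIVE", "STANDBY"]:
        findings.append("expected one ACTIVE and one STANDBY, got %s" % roles)
    for r in rows:
        sw = "switch %d" % r["switch"]
        if r["status"] != "UP":
            findings.append("%s: status %s" % (sw, r["status"]))
        if r["preempt_oper"] or r["preempt_conf"]:
            findings.append("%s: preemption enabled" % sw)
        if r["prio_oper"] != r["prio_conf"]:
            findings.append("%s: priority oper %d != conf %d"
                            % (sw, r["prio_oper"], r["prio_conf"]))
    return findings


if __name__ == "__main__":
    for name, sample in (("slide", SLIDE_OUTPUT),
                         ("constructed", CONSTRUCTED_OUTPUT)):
        print(name, audit_roles(sample) or "no findings")
```
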


Operational Management
Virtual Switch CLI
Multiple console interfaces exist within a Virtual Switch Domain, but only the active RP/SP
consoles are enabled for command interaction…



Operational Management
Reloading the VSS and reloading a member
The command “reload” will reload entire Virtual Switch System (both chassis)
To reload each chassis individually we need to specify the Switch ID

vss#reload
Warning: This command will reload the entire Virtual
Switching System (Active and Standby Switch).
Proceed with reload? [confirm]
1d04h: %SYS-5-RELOAD: Reload requested by console. Reload
Reason: Reload Command.
***
*** --- SHUTDOWN NOW ---
***
System Bootstrap, Version 8.5(1)
Copyright (c) 1994-2006 by cisco Systems, Inc.
Cat6k-Sup720/SP processor with 1048576 Kbytes of main memory
<…snip…>

vss#redundancy reload shelf ?
  <1-2>  shelf id
  <cr>

vss#redundancy reload shelf 2
Reload the entire remote shelf[confirm]
Preparing to reload remote shelf
1d04h: %SYS-SP-5-RELOAD: Reload requested
vss#
Operational Management
Setting the System-wide PFC Mode
• Only PFC/DFC 3C/CXL are supported in a VSS.
• It is possible to mix modules in a 3C and 3CXL system: the system will take the lowest
common denominator as the system-wide PFC mode.
• In a VSL environment, the mode negotiation happens even before the modules are brought up.
• A new CLI has been implemented to allow the user to pre-configure the system mode to
prevent modules from not powering up…

vs-vsl#conf t
Enter configuration commands, one per line. End with CNTL/Z.
vs-vsl(config)#platform hardware vsl pfc mode pfc3c
vs-vsl(config)#^Z
vs-vsl#

vs-vsl#sh platform hardware pfc mode
PFC operating mode : PFC3C
Configured PFC operating mode : PFC3C
vs-vsl#
Operational Management
SNMP Support for VSS
The SNMP process for a VSS necessitates support for “Put’s” and “Get’s” across 2 physical
chassis, changes to existing MIB’s and support for a new MIB…

[Diagram: an SNMP Server sends SNMP Put’s and SNMP Get’s to the Virtual Switch Domain. Switch 1 - Active: SNMP Process Active. Switch 2 - Standby: SNMP Process Inactive. Labels: SNMP Modified MIB’s, SNMP New MIB’s.]

CISCO-VIRTUAL-SWITCH-MIB has been defined to support SNMP access to the Virtual Switch
Configuration - the following MIB variables are accessible to an SNMP manager…
Operational Management
Slot/Port Numbering
After conversion, port definitions for switches within the Virtual Switch Domain inherit the
Chassis ID as part of their naming convention…

PORT NUMBERING: <CHASSIS-ID><SLOT-NUMBER><PORT-NUMBER>

Chassis-ID WILL ALWAYS be either a “1” or a “2”

Router#show ip interface brief
Interface              IP-Address      OK?  Method  Status  Protocol
Vlan1                  unassigned      YES  NVRAM   up      up
Port-channel1          unassigned      YES  NVRAM   up      up
Te1/1/1                10.1.1.1        YES  unset   up      up
Te1/1/2                192.168.1.2     YES  unset   up      up
Te1/1/3                unassigned      YES  unset   up      up
Te1/1/4                unassigned      YES  unset   up      up
GigabitEthernet1/2/1   10.10.10.1      YES  unset   up      up
GigabitEthernet1/2/2   10.10.11.1      YES  unset   up      up
<snip>



Operational Management
File System Naming
After the conversion to a Virtual Switch, some of the File System naming conventions have
changed to accommodate the new setup - an example of the new setup is shown below…

SW<NUMBER>SLOT<NUMBER>FILESYSTEM

AN EXAMPLE (Virtual Switch Domain):
Active Supervisor - Slot 5 Switch 1        e.g. OLD: disk0:        NEW: sw1-slot5-disk0:
Hot Standby Supervisor - Slot 5 Switch 2   e.g. OLD: slavedisk0:   NEW: sw2-slot5-disk0:



Operational Management
File System Naming
The filesystems in a VSS environment are completely managed from the Active Switch’s
console. All filesystem activities take place at a single centralized location…

vs-vsl#dir sw1-slot5-sup-bootdisk:
Directory of sup-bootdisk:/

    1  -rwx    33554496  Jan 10 2007 14:53:16 +00:00  sea_log.dat
    2  -rwx   150198412   Feb 7 2007 17:28:56 +00:00  s72033-adventerprisek9_wan_dbg-vz.0124_all

vs-vsl#dir sw2-slot5-sup-bootdisk:
Directory of slavesup-bootdisk:/

    1  -rwx    33554464   Feb 9 2007 16:39:02 +00:00  sea_log.dat
    2  -rwx   150678668   Feb 9 2007 16:45:14 +00:00  s72033-adventerprisek9_wan_dbg-vz.cef



Operational Management
File System Naming
Some filenames have remained the same - others have changed - some examples of file
system names in a Virtual Switch include the following…

PREVIOUS              VIRTUAL SWITCH
disk0:                sw<number_1>slot<number>disk0:
slavedisk0:           sw<number_2>slot<number>disk0:

bootflash:            sw<number_1>slot<number>bootflash:
slavebootflash:       sw<number_2>slot<number>bootflash:

sup-bootdisk:         sw<number_1>slot<number>sup-bootdisk:
slavesup-bootdisk:    sw<number_2>slot<number>sup-bootdisk:

nvram:                sw<number_1>slot<number>nvram:
slavenvram:           sw<number_2>slot<number>nvram:



Operational Management
Netflow

In a Virtual Switch, with both Data Planes active, Netflow data collection is performed on each
Supervisor’s PFC - while Netflow export is only performed by the Control Plane on the VS
Active …

Virtual Switch Domain (the two Supervisors are joined by the VSL):

                      Switch 1 Supervisor   Switch 2 Supervisor
VS State              Active                Standby
Control Plane         Active                Standby
Data Plane            Active                Active
Netflow Collection    Active                Active
Netflow Export        Active                In-Active

Netflow operation in a Virtual Switch is similar to the way in which Netflow operates in a single
chassis with Distributed Forwarding Card’s (DFC) present…



Operational Management
Netflow Export
The Virtual Switch Link will be used as the transit path to allow the standby Sup to forward
Netflow data to the active Supervisor for Netflow export - the VS Link should be dimensioned to
accommodate the expected Netflow export load…

[Diagram: Netflow Data from Switch 2 Supervisor crosses the VSL to Switch 1 Supervisor, which sends the Netflow Export to the Netflow Collector]

                      Switch 1 Supervisor   Switch 2 Supervisor
VS State              Active                Standby
Netflow Collection    Active                Active
Netflow Export        Active                In-Active



IOS Image Upgrade
Full image upgrade process using Fast Software Upgrade (FSU): similar to that of two
supervisor engines within a standalone chassis today

Switch 1 (SW1-Slot5)    Switch 2 (SW2-Slot5)

NAME         CONTROL PLANE   FABRIC STATE   REDUNDANCY
SW1-SLOT5    Active          Active         --
SW2-SLOT5    Hot Standby     Active         SSO



IOS Image Upgrade
1 Manually copy the new image or filesystem onto the appropriate flash device of each
supervisor. No impact to forwarding.

Switch 1 (SW1-Slot5)    Switch 2 (SW2-Slot5)

NAME         CONTROL PLANE   FABRIC STATE   REDUNDANCY
SW1-SLOT5    Active          Active         --
SW2-SLOT5    Hot Standby     Active         SSO



IOS Image Upgrade
1 Commands to copy the new image to the flash file system of both supervisors (Active and
Hot Standby)



IOS Image Upgrade
2 Modify boot variables to point to the new image or filesystem and reload Switch 2. Switch 2
should reset and boot into the new image in RPR mode. System bandwidth falls to 50%

Switch 1 (SW1-Slot5)    Switch 2 (SW2-Slot5)

NAME         CONTROL PLANE   FABRIC STATE   REDUNDANCY
SW1-SLOT5    Active          Active         --
SW2-SLOT5    Cold Standby                   RPR



IOS Image Upgrade
2.1 Modify the boot variable on Switch 1 (Active VS) to point to the new image or file system and
save the configuration – this will synchronize the boot variable to Switch 2 (Standby VS) as
well.



IOS Image Upgrade
2.2 Schedule a change window and when possible, reload Switch 2 (Standby VS).



IOS Image Upgrade
2.3 After successful boot up of Switch 2 (Standby VS), verify that the peer relationship between
the Supervisors is in RPR state (Cold Standby).



IOS Image Upgrade
3 Switch over Active supervisor to Switch 2 when desired. System capacity will drop to 0%
temporarily and return to 50% once SW2-Slot5 completely boots up and becomes active.
SW1-Slot5 will continue to boot up…

Switch 1 (SW1-Slot5)    Switch 2 (SW2-Slot5)

NAME         CONTROL PLANE   FABRIC STATE   REDUNDANCY
SW1-SLOT5    Cold Standby                   RPR
SW2-SLOT5    Active          Active         --



IOS Image Upgrade
3.1 When possible, perform a supervisor or chassis switchover such that Switch 2 (previous
Standby VS) now assumes the Active role whilst Switch 1 (previous Active VS) is reloaded.
At this time, a total VSS outage will be expected as Switch 2 transitions from an RPR Cold
Standby state to the Active state.



IOS Image Upgrade
3.2 Once Switch 2 is completely online, it will re-peer with its neighbors and form any applicable
relationships and traffic will be forwarded through the VSS again at 50% capacity while
Switch 1 continues to boot up with the new image or filesystem.



IOS Image Upgrade
4 After Switch 1 comes online again, it will return to SSO mode as it will now be running the
new version of software and traffic will return to 100% capacity…

Switch 1 (SW1-Slot5)    Switch 2 (SW2-Slot5)

NAME         CONTROL PLANE   FABRIC STATE   REDUNDANCY
SW1-SLOT5    Hot Standby     Active         SSO
SW2-SLOT5    Active          Active         --



IOS Image Upgrade
4 After Switch 1 is completely brought back online and all interfaces are active, it will enter into
NSF/SSO state with Switch 2.



IOS Image Upgrade
The following graph illustrates the aggregate traffic for the VSL system during the full image
upgrade:

[Graph: aggregate traffic during the upgrade, with the steps 1, 2.1, 2.2, 2.3, 3.1, 3.2 and 4 marked]

1] Copy new image in both switches
2.1] Change bootvar in both switches
2.2] Reboot SW2
2.3] SW2 comes back in RPR
3.1] Switchover from SW1 to SW2
3.2] SW2 comes back from the Cold Standby mode
4] SW1 is completely rebooted and comes back in SSO mode
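
The capacity figures quoted for steps 1 to 4 follow from two rules: a chassis that is reloading forwards nothing, and a standby running different software from the active sits in RPR and also forwards nothing. The Python model below is an added illustration, not Cisco code and not part of the original deck; the class and function names are made up here, and the two version strings are sample values.

```python
"""Added illustration: derive the upgrade capacity timeline from the SSO/RPR rules."""
from dataclasses import dataclass


@dataclass
class Member:
    name: str
    image: str
    booted: bool = True


def redundancy_mode(active, standby):
    """SSO needs the same software on both chassis; a mismatch means RPR."""
    return "SSO" if active.image == standby.image else "RPR"


def capacity(active, standby):
    """Percentage of VSS forwarding capacity currently available."""
    if not active.booted:
        return 0      # no chassis holds the Active role yet: total outage
    if not standby.booted or redundancy_mode(active, standby) == "RPR":
        return 50     # standby is reloading, or is a cold standby in RPR
    return 100        # SSO: both data planes forward


def fsu_timeline(old_image, new_image):
    """Walk steps 1 to 4 and return (step, active, mode, capacity) rows."""
    sw1, sw2 = Member("SW1", old_image), Member("SW2", old_image)
    active, standby = sw1, sw2
    rows = []

    def record(step):
        both_up = active.booted and standby.booted
        mode = redundancy_mode(active, standby) if both_up else "-"
        rows.append((step, active.name, mode, capacity(active, standby)))

    record("1")                      # new image copied to both supervisors
    record("2.1")                    # boot variable changed and saved
    sw2.booted = False
    record("2.2")                    # Switch 2 reloading
    sw2.image, sw2.booted = new_image, True
    record("2.3")                    # Switch 2 back, images differ
    # Step 3.1: Switch 1 reloads and Switch 2 has to come up from cold
    # standby before it can act as Active (modelled as "not booted").
    active, standby = sw2, sw1
    sw1.booted = False
    sw2.booted = False
    record("3.1")
    sw2.booted = True
    record("3.2")                    # Switch 2 active, Switch 1 still booting
    sw1.image, sw1.booted = new_image, True
    record("4")                      # images match again
    return rows


if __name__ == "__main__":
    # Sample version strings; any two different values behave the same way.
    for row in fsu_timeline("12.2(33)SXH1", "12.2(33)SXH2"):
        print("step %-4s active=%s mode=%-3s capacity=%d%%" % row)
```
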
High Availability
Redundancy Schemes
The default redundancy mechanism between the 2 VSS chassis and their associated supervisors is
NSF/SSO, allowing state information and configuration to be synchronized.
Only in NSF/SSO mode does the Standby supervisor PFC, Switch Fabric, modules and their associated
DFCs become active…

Switch 1 (12.2(33)SXH1): Active    Switch 2 (12.2(33)SXH1): NSF/SSO    [joined by the VSL]

Should a mismatch of information occur between the Active and Standby Chassis, the Standby Chassis will
revert to RPR mode, where all the modules will be powered down (except for the VSL ports)

Switch 1 (12.2(33)SXH1): Active    Switch 2 (12.2(33)SXH2): RPR    [joined by the VSL]



High Availability
Dual-Active Detection
In a Virtual Switch Domain, one switch is elected as Active and the other is elected as Standby
during bootup by VSLP. Since the VSL is always configured as a Port Channel, the possibility
of the entire VSL bundle going down is remote, however it is a possibility…

Virtual Switch Domain (the two Supervisors are joined by the VSL):

                 Switch 1 Supervisor   Switch 2 Supervisor
VS State         Active                Standby
Control Plane    Active                Standby
Data Plane       Active                Active

It is always recommended to deploy the VSL with 2 or more links and distribute those
interfaces across multiple modules to ensure the greatest redundancy



High Availability
Dual-Active Detection
If the entire VSL bundle should happen to go down, the Virtual Switch Domain will enter a Dual
Active scenario where both switches transition to Active state and share the same network
configuration (IP addresses, MAC address, Router IDs, etc…) potentially causing
communication problems through the network…

Virtual Switch Domain (VSL down):

                 Switch 1 Supervisor   Switch 2 Supervisor
VS State         Active                Active
Control Plane    Active                Active
Data Plane       Active                Active

2 mechanisms have been implemented in the initial release to detect and recover from a Dual
Active scenario:
1 Enhanced Port Aggregation Protocol (PAgP+): uses MEC links to communicate between the two chassis
2 Dual-Active Detection over IP-BFD: uses a backup Ethernet connection.


High Availability
Dual-Active Detection - Enhanced PAgP
PAgP+ adds a new TLV (the switch ID of the active switch) that is sent to remote devices connected via
EtherChannel to the Virtual Switch Domain.
During normal operation the Virtual Switches will send the ID of the Active VS to the PAgP
neighbor, and it will respond with the same Active ID…

[Diagram, normal operation: Switch 1 and Switch 2 both send Active: Switch 1]

Should the VSL go down, the Standby switch will transition immediately to Active state and
start sending PAgP messages with the new Active switch ID

[Diagram, VSL down: Switch 1 sends Active: Switch 1, Switch 2 sends Active: Switch 2]



High Availability
Dual-Active Detection - Enhanced PAgP

The Enhanced PAgP-capable neighbor will send the new Active Switch ID to all ports of the
port channel that it received the new Active Switch ID on.
This includes the previous-active Virtual Switch (Switch 1)…

[Diagram: the neighbor sends Active: Switch 2 to both Switch 1 and Switch 2]



High Availability
Dual-Active Detection - Enhanced PAgP

When Switch 1 receives PAgP messages with Active Switch = 2, it will know that a Dual-Active
scenario has occurred
Recovery Mode: Switch 1 will then bring down all non-VSL interfaces (except interfaces
configured to be excluded from shutdown)

[Diagram: Switch 1 receives Active: Switch 2 from the neighbor and flags “Dual-Active!!”]
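
The detection sequence described on the Enhanced PAgP slides can be traced with a small Python model, added here as an illustration (it is not Cisco code and not part of the original deck). Class and function names, the VSL member ports Te1/5/4 and Te2/5/4, and the ports Gi1/2/1 and Gi2/2/1 are constructed; the port-channel members and excluded interfaces reuse names from this deck's CLI samples.

```python
"""Added illustration: toy model of enhanced PAgP (PAgP+) dual-active detection."""
from dataclasses import dataclass


@dataclass
class Chassis:
    switch_id: int
    role: str                          # "active", "standby" or "recovery"
    admin_up: dict                     # interface name -> False once shut down
    vsl_members: frozenset = frozenset()
    excluded: frozenset = frozenset()  # "dual-active exclude interface ..."
    believed_active: int = 1           # Active switch ID carried in the TLV

    def on_vsl_down(self):
        # The standby loses its peer and promotes itself immediately.
        if self.role == "standby":
            self.role = "active"
            self.believed_active = self.switch_id

    def pagp_rx(self, active_id):
        """Handle the TLV sent by the neighbor; True if dual-active is detected."""
        if self.role != "active" or active_id == self.switch_id:
            return False
        # Recovery mode: shut everything except VSL members and excluded ports.
        self.role = "recovery"
        keep = self.vsl_members | self.excluded
        for name in self.admin_up:
            if name not in keep:
                self.admin_up[name] = False
        return True


@dataclass
class PagpNeighbor:
    links: dict                        # neighbor port -> (Chassis, chassis port)
    known_active: int = 1

    def receive(self, port, active_id):
        """Return the neighbor ports on which a reply is sent."""
        if active_id != self.known_active:
            self.known_active = active_id
            return list(self.links)    # new ID goes out on every member port
        return [port]                  # unchanged ID is echoed to the sender


def pagp_round(neighbor):
    """Run one PAgP exchange; return switch IDs that detected dual-active."""
    detected = []
    for port, (chassis, ifname) in neighbor.links.items():
        if not chassis.admin_up[ifname]:
            continue                   # member link is shut, nothing is sent
        for reply_port in neighbor.receive(port, chassis.believed_active):
            peer, peer_if = neighbor.links[reply_port]
            if peer.admin_up[peer_if] and peer.pagp_rx(neighbor.known_active):
                detected.append(peer.switch_id)
    return detected


def simulate_vsl_failure():
    """Constructed lab: port channel 20 from vs-access-1 to both chassis."""
    sw1 = Chassis(1, "active",
                  {"Gi1/8/1": True, "Gi1/2/1": True, "Gi1/5/1": True, "Te1/5/4": True},
                  vsl_members=frozenset({"Te1/5/4"}), excluded=frozenset({"Gi1/5/1"}))
    sw2 = Chassis(2, "standby",
                  {"Gi2/8/1": True, "Gi2/2/1": True, "Gi2/5/1": True, "Te2/5/4": True},
                  vsl_members=frozenset({"Te2/5/4"}), excluded=frozenset({"Gi2/5/1"}))
    nbr = PagpNeighbor({"Gi5/1": (sw1, "Gi1/8/1"), "Gi5/2": (sw2, "Gi2/8/1")})
    before = pagp_round(nbr)           # normal operation: everyone agrees on 1
    sw1.on_vsl_down()
    sw2.on_vsl_down()
    after = pagp_round(nbr)            # Switch 2 now advertises itself
    return before, after, sw1, sw2, nbr


if __name__ == "__main__":
    before, after, sw1, sw2, nbr = simulate_vsl_failure()
    print("detections before VSL failure:", before)
    print("detections after VSL failure: ", after)
    print("Switch 1:", sw1.role, sw1.admin_up)
    print("Switch 2:", sw2.role, sw2.admin_up)
```
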



High Availability
Dual-Active Detection - Enhanced PAgP

vs-vsl#conf t
Enter configuration commands, one per line. End with CNTL/Z.
vs-vsl(config)#switch virtual domain 10
vs-vsl(config-vs-domain)#dual-active detection pagp
vs-vsl(config-vs-domain)#dual-active trust channel-group 20
vs-vsl#

Dual-Active Detection capabilities require that the neighboring device be Dual-Active Detection
Aware. This can be verified with the following command…

vs-vsl#sh switch virtual dual-active pagp

Channel group 20 dual-active detect capability w/nbrs
Dual-Active version: 1.1
Dual-Active configured: Yes
          Dual-Active      Partner       Partner   Partner
Port      Detect Capable   Name          Port      Version
Gi1/8/1   Yes              vs-access-1   Gi5/1     1.1
Gi2/8/1   Yes              vs-access-1   Gi5/2     1.1



High Availability
Dual-Active Detection - IP-BFD
This method uses a dedicated L3 direct link heartbeat mechanism between the Virtual
Switches.
IP-BFD (Bi-Directional Forwarding Detection) is used to assist the fast detection of a failed VSL

[Diagram: Switch 1 and Switch 2 are joined by the VSL and by a separate IP-BFD Heartbeat Link; in the second panel BFD is exchanged between the two switches over the IP-BFD Heartbeat Link]

If the VSL goes down, both chassis create BFD neighbors, and try to establish adjacency.
If the original active chassis receives an adjacency message, it realizes that this is a dual-active
scenario
High Availability
Dual-Active Detection - IP-BFD
Two directly-connected interfaces must be configured as BFD message links…
The IP-BFD Heartbeat link may exist on any interface but must have an IP address assigned to
it on a different network
vss(config)#interface gigabitethernet 1/5/1
vss(config-if)#no switchport
vss(config-if)#ip address 200.230.230.231 255.255.255.0
vss(config-if)#bfd interval 100 min_rx 100 multiplier 50
vss(config-if)#interface gigabitethernet 2/5/1
vss(config-if)#no switchport
vss(config-if)#ip address 201.230.230.231 255.255.255.0
vss(config-if)#bfd interval 100 min_rx 100 multiplier 50
vss(config)#switch virtual domain 100
vss(config-vs-domain)#dual-active detection bfd
vss(config-vs-domain)#dual-active pair interface g 1/5/1 interface g 2/5/1 bfd

adding a static route 200.230.230.0 255.255.255.0 Gi2/5/1 for this dual-active pair
adding a static route 201.230.230.0 255.255.255.0 Gi1/5/1 for this dual-active pair

Static routes are automatically added for the remote addresses and will only be installed in the RIB should
a Dual-Active scenario occur.
As a result of this, no packets will be forwarded between the switches via the heartbeat interfaces until the
VSL is brought down
If the Virtual Switch Standby has taken over as active, a BFD “adjacency up” event will be generated,
indicating a Dual-Active situation has occurred.
High Availability
Dual-Active Detection - Exclude Interfaces

Upon detection of a Dual Active scenario, all interfaces on the previous-Active switch will be
brought down so as not to disrupt the functioning of the remainder of the network.

The exception interfaces include VSL members as well as pre-determined interfaces which may
be used for management purposes…

vs-vsl#conf t
Enter configuration commands, one per line. End with CNTL/Z.
vs-vsl(config)#switch virtual domain 100
vs-vsl(config-vs-domain)#dual-active exclude interface Gig 1/5/1
vs-vsl(config-vs-domain)#dual-active exclude interface Gig 2/5/1
vs-vsl(config-vs-domain)# ^Z
vs-vsl#



High Availability
Dual-Active Recovery
The network administrator is notified of the Dual-Active situation through the CLI, syslog, etc.
Upon the restoration of one or more VSL interfaces, VSLP will detect this and will proceed to
reload Switch 1 so that it may be able to re-negotiate Active/Standby role after bootup…

[Diagram: VSL Up! Switch 1 reloads; Switch 1 and Switch 2 then exchange VSLP]

After role has been resolved and SSO Hot Standby mode is possible, interfaces will be brought
up and traffic will resume back to 100% capacity…
Quality of Service
Classification & Policing
Classification and Policing functions are handled by PFC QoS, and are executed by either the
PFC on the Active and Hot Standby Supervisor, or the ingress linecard DFC.
There are 2 important caveats which must be understood:
1 Policies must either be applied on L3 interfaces (SVIs or Physical interfaces), or Port
Channels. Policies on L2 interfaces are not supported in this release.

policy-map CLASSIFY
 class class-default
  set ip dscp 40

interface GigabitEthernet 2/3/48
 switchport
 service-policy input CLASSIFY

policy-map CLASSIFY
 class class-default
  set ip dscp 40

interface PortChannel 10
 switchport
 service-policy input CLASSIFY



Quality of Service - Classification & Policing
2 Aggregate policers that are applied on SVIs or Port Channels that have interfaces
distributed across multiple forwarding engines are subject to Distributed Policing
caveats…
policy-map POLICE
 class class-default
  police average 10000000

Interface GigabitEthernet 1/2/10
 channel-group 20 mode desirable

Interface GigabitEthernet 2/2/10
 channel-group 20 mode desirable

interface PortChannel 20
 service-policy input POLICE



Quality of Service
QoS on the VSL
The VSL itself has QoS provisioned by default and in the FCS release of the software, it is not
configurable. A few important aspects relating to VSL QoS are as follows:

1 VSLP and other Control frames are always marked as Priority packets and are
always queued and classified as such
2 VSL is always configured as “Trust CoS” and hence ingress queuing is enabled

3 Service Policies are not supported on the VSL

4 CoS Maps, Thresholds and Queues are not configurable on the VSL

[Diagram: HTTP, FTP and VSLP frames crossing the VSL between Switch 1 and Switch 2]



Virtual Switching System
Summary
• Allows two physical Catalyst 6500’s to operate as a single logical Catalyst 6500 switch
• VSS reduces number of routing nodes and routing protocol overhead
• Multi-Chassis Etherchannel provides new benefits for STP elimination and improved resiliency
• Dual Active Recovery mechanisms for VSL failure
• VSS simplifies network complexity and management overhead by 50 percent, thus increasing operational efficiency and lowering operating expenses (OpEx).



Want more?
• VSS Solution Overview
http://www.cisco.com/en/US/partner/prod/collateral/switches/ps5718/ps9336/product_solution_overview0900aecd806fa5d0.html
• Whitepaper: Cisco Catalyst 6500 Series Virtual Switching System (VSS) 1440
http://www.cisco.com/en/US/partner/prod/collateral/switches/ps5718/ps9336/prod_white_paper0900aecd806ee2ed.html
• Virtual Switching System (VSS) Q&A
http://www.cisco.com/en/US/partner/prod/collateral/switches/ps5718/ps9336/prod_qas0900aecd806ed74b.html
• For a list of other Cisco products that support enhanced PAgP, refer to Release Notes for Cisco IOS Release 12.2(33)SXH and Later Releases.
• Partner Education Connection
http://www.partnerelearning.com



Q and A
