Introduction:
The Cisco Virtual Switching System is a clustering technology that pools two Cisco Catalyst 4500-E Series Switches with Cisco Catalyst Supervisor Engine 7-E or 7-LE or two Catalyst 4500-X Series Switches into a single virtual switch. In a VSS, the data plane of both clustered switches is active at the same time in both chassis. VSS members are connected by virtual switch links (VSLs) using standard Gigabit or 10 Gigabit Ethernet connections between the VSS members. VSLs can carry regular user traffic in addition to the control plane communication between the VSS members.
Physical vs Logical Topology in a VSS Configuration
This document describes how to configure a virtual switching system (VSS) for the Catalyst 4500 series switch (Supervisor Engine 7-E, Supervisor Engine 7L-E).
Some key point to be remembered for Cisco 4500 VSS:
1) Configuration/Capability Supported supervisors on Catalyst 4500-E: VSS support Supervisor Engine 7-E or 7-LE (identical pairs).For more information about hardware to support please refer 4500 VSS Hardware requirement
2) Software requirement: Cisco IOS XE 3.4.0SG and ROMMON IOS Version 15.0(1r) SG7 later released support VSS.(Also refer How to Upgrade Cisco 4500 SUP7-E & Sup7L-E ROMMON To support VSS).
3)license requirement :
To know more on license requirement refer "Release Notes for the Catalyst 4500E Series Switch"
Feature
|
LAN Base
|
IP Base
|
Enterprise Service
|
|
No
|
Yes
(SUP7E only) |
Yes
|
|
No
|
Yes (SUP7E)
No (SUP7LE)
|
Yes (SUP7E)
Yes (SUP7LE)
|
For information about Software Activation Licensing please refer Cisco Catalyst 4500E Supervisor 7-E and 7L-E and Cisco Catalyst 4500-X Series Software Activation Licensing Deployment Guide.
4) Single-sup cross-chassis VSS support: Yes.
5) Quad-sup VSS configuration with in-chassis redundant sups: In-chassis redundant sups in rommon mode with active uplinks.
6) It also supports 10 Gigabit Ethernet Virtual Switch Link (VSL) and 1 Gigabit Ethernet VSL.
7) SSO and nonstop forwarding (NSF) must be configured on each switch. If a VSS does not meet the requirements for SSO redundancy; it will be incapable of establishing a relationship with the peer switch. Catalyst 4500/4500-X series switches' VSS does not support route processor redundancy (RPR) mode.
Prerequisite:
Before configuring VSS on Cisco 4500 please verify hardware and software requirement.
SW1#sh ver | in IOSCisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.04.00.SG RELEASE SOFTWARE (fc3)Cisco IOS-XE software, Copyright (c) 2005-2010, 2012 by cisco Systems, Inc.All rights reserved. Certain components of Cisco IOS-XE software areor the applicable URL provided on the flyer accompanying the IOS-XEdocumentation or "License Notice" file accompanying the IOS-XE softwareSW1#sh ver | in ROMROM: 15.0(1r)SG7System returned to ROM by power-onSW1#sh license image levelsModule name Image level Priority Configured Valid license--------------------------------------------------------------------WS-X45-SUP7-E entservices 1 YES entservicesipbase 2 NO ipbaseRole Current Level Reboot Level ----------lanbase 3 NO lanbase Module Nam e----------------------------------------------------------entservices entservicesWS-X45-SUP7-E Active
SW2#sh ver | in IOSCisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSAL-M), Version 03.04.00.SG RELEASE SOFTWARE (fc3)Cisco IOS-XE software, Copyright (c) 2005-2010, 2012 by cisco Systems, Inc.All rights reserved. Certain components of Cisco IOS-XE software areor the applicable URL provided on the flyer accompanying the IOS-XEdocumentation or "License Notice" file accompanying the IOS-XE softwSW2#sh ver | in ROMROM: 15.0(1r)SG7System returned to ROM by power-onSW2#sh license image levelsModule name Image level Priority Configured Valid license--------------------------------------------------------------------WS-X45-SUP7-E entservices 1 YES entservicesipbase 2 NO ipbaseRole Current Level Reboot Level -----------lanbase 3 NO lanbase Module Name ---------------------------------------------------------entservices entservicesWS-X45-SUP7-E Active
Configuration Steps:
STEP1: Assigning Virtual Switch Domain and Switch Numbers
First you have to configure the same virtual switch domain number on both switches of the VSS. The virtual switch domain is a number between 1 and 255.After domain number you must configure one switch to be switch number 1 and the other switch to be switch number 2.
SW1#conf tEnter configuration commands, one per line. End with CNTL/Z.SW1(config)#switch virtual domain 10Domain ID 10 config will take effect onlyafter the exec command 'switch convert mode virtual' is issuedSW1(config-vs-domain)#switch 1SW1(config-vs-domain)#exitSW1(config)#
SW2#conf tEnter configuration commands, one per line. End with CNTL/Z.SW2(config)#switch virtual domain 10Domain ID 10 config will take effect onlyafter the exec command 'switch convert mode virtual' is issuedSW2(config-vs-domain)#switch 2SW2(config-vs-domain)#exitSW2(config)#
STEP2: Configuring VSL Port Channel:
Then you need to configure VSL with a unique port channel on each switch. During the conversion, the VSS configures both port channels on the VSS Active switch. If the VSS Standby switch VSL port channel number has been configured for another use, the VSS comes up in RPR mode. To avoid this situation, check that both port channel numbers are available on both of the switches.
SW1(config)#int port-channel 5SW1(config-if)#switchportual link 1 SW1(config-if)#no shut SWSW1(config-if)#switch vir t1(config-if)#exit2: %SPANTREE-6-PORTDEL_ALL_VLANS: Port-channel5 deleted from all Vlans*Jan 24 05:19:57.0 9
SW2(config)#int port-channel 10SW2(config-if)#switchportual link 2 SW2(config-if)#no shut SWSW2(config-if)#switch vir t2(config-if)#exit SW2(config)#6-PORTDEL_ALL_VLANS: Port-channel10 deleted from all Vlans*Jan 24 05:14:17.273: %SPANTREE -
STEP3: configure the VSL ports
You need to add the VSL physical ports to the port channel. In the following example, interfaces Gigabit Ethernet 7/3 and 7/4 on Switch 1 are connected to interfaces Gigabit Ethernet 4/45 and 4/46 on Switch 2.
SW1(config)#int range gig7/3 - 4SW1(config-if-range)#switchport mode trunkSW1(config-if-range)#channel-group 5 mode onWARNING: Interface GigabitEthernet7/3 placed in restricted config mode. All extraneous configs removed!WARNING: Interface GigabitEthernet7/4 placed in restricted config mode. All extraneous configs removed!SW1(config-if-range)#exit
SW2(config)#int range gig4/45 - 46SW2(config-if-range)#switchport mode trunkSW2(config-if-range)#channel-group 10 mode onWARNING: Interface GigabitEthernet4/45 placed in restricted config mode. All extraneous configs removed!WARNING: Interface GigabitEthernet4/46 placed in restricted config mode. All extraneous configs removed!SW2(config-if-range)#exit
Note: Once the interfaces are put into VSL port-channel with “channel-group" command, then the interfaces goes into “notconnect” status. Interface status will show UP, but the line protocol will be down. The interface will be in UP/down (not connect) status, till the switch is rebooted in step 4.
STEP4: Converting the Switch to Virtual Switch Mode:
You need to enter the “switch convert mode virtual” command on Switch 1 for Converting to Virtual Switch Mode .After you enter this command it will prompted to confirm the action. Enter yes. The system creates a converted configuration file, and saves the file to the bootflash:
SW1#switch convert mode virtualhis command will convert all interface namesTto naming convention "interface-type switch-number/slot/port",save the running config to startup-config ands/no]: yes Convertreload the switch. Do you want to proceed? [y eing interface names Building configuration...3 bytes[OK] Saving converted configuration to bootflash: .Compressed configuration from 6551 bytes to 28 9.. Destination filename [startup-config.converted_vs-20130124-062921]?n (G) Signature verification PASSED RommonPlease stand by while rebooting the system... Restarting system. Romm o (P) Signature verification PASSEDDFPGA (P) Signature verification PASS E
Similarly you need to enter the “switch convert mode virtual” command on Switch 2 for converting to Virtual Switch Mode.
SW2#switch convert mode virtualThis command will convert all interface namesto naming convention "interface-type switch-number/slot/port",save the running config to startup-config ands/no]: yes Convertreload the switch. Do you want to proceed? [y eing interface names Building configuration...4 bytes[OK] Saving converted configuration to bootflash: .Compressed configuration from 6027 bytes to 27 7.. Destination filename [startup-config.converted_vs-20130124-052526]?n (G) Signature verification PASSED RommonPlease stand by while rebooting the system... Restarting system. Romm o (P) Signature verification PASSED FPGA (P) Signature verification PASSED* * Welcome to Rom Mon************************************************************ * itor for WS-X45-SUP7-E System. * * Copyright (c) 2008-2012 by Cisco Systems, Inc. ** ****************************************** All rights reserved. * ********************
After you confirm the above commands on both switches, the running configuration is automatically saved as the startup configuration and the switch reboots. After the reboot, the switch is in virtual switch mode, so you must specify interfaces with three identifiers (switch/module/port).
When switches are being converted to VSS, you should not set them to ignore startup-config. If done, the switch can be enabled to parse the startup-config at the rommon prompt. Ignoring startup-config in VSS mode causes a switch to boot in a semi-VSS mode, which can only be corrected by a reboot and by enabling the parsing of startup-config.
Verification:
1) To displays the virtual switch domain number, and the switch number and role for each of the switches you can use “show switch virtual”command.
SW1#sh switch virtualxecuting the command on VSS member switch role = VSS Active, id = 1E Switch mode : Virtual Switchmber : 1 Local switch opVirtual switch domain number : 10 Local switch n uerational role: Virtual Switch Active Peer switch number : 2mmand on VSS member switch role = VSS Standby, id = 2Peer switch operational role : Virtual Switch Standby Executing the c o Switch mode : Virtual Switch Virtual switch domain number : 10 Local switch number : 2Virtual Switch ActiveLocal switch operational role: Virtual Switch Standby Peer switch number : 1 Peer switch operational role :
2) Once both switches cluster in single virtual switch, you will only have Active switch console and your Standby switch console appears as follow:
SW2-standby>tandby console disabledS
3) To displays the role, switch number, and priority for each of the switch in the VSS use “show switch virtual role” command.
SW1#sh switch virtual rolexecuting the command on VSS member switch role = VSS Active, id = 1E RRP information for Instance 1--------------------------------- Valid Flags Peer Preferred R---------------------------------- -eserved Count Peer Peer--------------- TRUE V 1 1 1 Switch Swi---------------------------------------------------- -tch Status Preempt Priority Role Local RemoteSID ----------------------------------------------------------Number Oper(Conf) Oper(Conf) SID ---------- LOCAL 1 UP FALSE(N ) 100(100) ACTIVE 0 0epresents the local switch Flags : V - Valid In dual-active reREMOTE 2 UP FALSE(N ) 100(100) STANDBY 6834 6152 Peer 0 rcovery mode: No Executing the command on VSS member switch role = VSS Standby, id = 2 RRP information for Instance 2Count Peer Peer ----------------------------------------------------------------------------------------------------------- Valid Flags Peer Preferred Reserved ----------------------------- TRUE V 1 1 1 Switch Switch Status Preempt Priority Role Local Remote2 UP FALSE(N ) 100(100) STANDBY 0 0 REMOTE 1Number Oper(Conf) Oper(Conf) SID SID -------------------------------------------------------------------- LOCAL UP FALSE(N ) 100(100) ACTIVE 6152 6834 Peer 0 represents the local switch Flags : V - ValidIn dual-active recovery mode: N o
4) To Displays information about the VSL use “show switch virtual link”command.
SW1#sh switch virtual linkxecuting the command on VSS member switch role = VSS Active, id = 1E VSL Status : UP VSL Uptime : 3 minutes VSL Control Link : Gi1/7/4VSL Status : UP VSL Uptime : 3 minutes VSL Control Link : Gi2/4/45Executing the command on VSS member switch role = VSS Standby, id = 2
5) You can also verify information about the VSL port channel using “show switch virtual link port-channel”command.
SW1#sh switch virtual link port-channelxecuting the command on VSS member switch role = VSS Active, id = 1E Flags: D - down P - bundled in port-channelstandby (LACP only) R - LayerI - stand-alone s - suspended H - Hot -3 S - Layer2 U - in use N - not in use, no aggregatione, no aggregation due to minimum links not metf - failed to allocate aggregator M - not in u s m - not in use, port not aggregated due to minimum links not met u - unsuitable for bundlingrts ------+-------------+d - default port w - waiting to be aggregated Group Port-channel Protocol P o-----------+------------------- 5 Po5(SU) - Gi1/7/3(P) Gi1/7/4(P)member switch role = VSS Standby, id = 2 Flags: D -10 Po10(SU) - Gi2/4/45(P) Gi2/4/46(P) Executing the command on VS Sdown P - bundled in port-channel I - stand-alone s - suspended H - Hot-standby (LACP only)ate aggregatorR - Layer3 S - Layer2 U - in use N - not in use, no aggregation f - failed to allo c M - not in use, no aggregation due to minimum links not met m - not in use, port not aggregated due to minimum links not metts ------+-------------+----------u - unsuitable for bundling d - default port w - waiting to be aggregated Group Port-channel Protocol Po r-+------------------- 5 Po5(SU) - Gi1/7/3(P) Gi1/7/4(P) 10 Po10(SU) - Gi2/4/45(P) Gi2/4/46(P)SW1 #
