Get creative: static routing with Catalyst 3750

I've probably got this question due to my IP Corner article Small site multi-homing, where I've been describing reliable static routing. Here's the scenario: we have two sites, each using a Catalyst 3750 switch, and routing between them using static routes. There's a primary fiber link between them and we're using twisted-pair-to-fiber converters due to port limitations on Cat3750. These converters do not report fiber link down status correctly (the carrier is still present on twisted pair even if fiber is down), so the primary Ethernet interfaces do not go down if the fiber link breaks and the primary static route is not removed, requiring manual action to switch over to the backup link.

My initial reaction was a polite answer explaining that the dynamic routing protocols were invented to handle scenarios like this one, but the poor guy responded that “his boss does not want to hear about a dynamic routing protocol.” The next idea was the reliable static routing, tracking next-hop availability over both interfaces, but the Catalyst IOS does not support that, as it's based on the 12.2 release.

I've got a few other ideas in the meantime (at least one of them working perfectly), but let's hear it from you first ... what would be your solution to this problem?
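
The failure mode described above, modelled as an added example (not code from the original post and not switch configuration): a static route stays installed while its interface is up, so the converter that hides fiber loss black-holes traffic unless the route is tied to next-hop reachability or the converter propagates link loss. The interface names, prefix and distance values are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Callable, Optional

@dataclass
class StaticRoute:
    prefix: str
    interface: str                               # outgoing interface
    distance: int = 1                            # administrative distance, lower wins
    track: Optional[Callable[[], bool]] = None   # optional next-hop reachability probe

def installable(route, if_up):
    """Usable while the interface is up and, if tracked, while the probe succeeds."""
    if not if_up[route.interface]:
        return False
    return route.track() if route.track else True

def best_route(routes, prefix, if_up):
    """Pick the installable route with the lowest administrative distance."""
    usable = [r for r in routes if r.prefix == prefix and installable(r, if_up)]
    return min(usable, key=lambda r: r.distance, default=None)

def simulate(tracked=False, link_passthrough=False):
    """Return (chosen interface, traffic delivered?) after the fiber breaks."""
    fiber_ok = False
    # Constructed names: Gi1/0/1 = converter/fiber port, Gi1/0/2 = backup link.
    # Without link pass-through the converter keeps carrier up on the copper side.
    if_up = {"Gi1/0/1": fiber_ok if link_passthrough else True, "Gi1/0/2": True}
    probe = (lambda: fiber_ok) if tracked else None   # stands in for a ping to the far end
    routes = [
        StaticRoute("10.2.0.0/16", "Gi1/0/1", distance=1, track=probe),  # primary
        StaticRoute("10.2.0.0/16", "Gi1/0/2", distance=250),             # floating backup
    ]
    chosen = best_route(routes, "10.2.0.0/16", if_up)
    delivered = fiber_ok if chosen.interface == "Gi1/0/1" else True
    return chosen.interface, delivered

if __name__ == "__main__":
    for kwargs in ({}, {"tracked": True}, {"link_passthrough": True}):
        print(kwargs, simulate(**kwargs))
```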

27 comments:

  1. GRE tunneling + floating routes (if the 3750 supports it). When the GRE tunnel goes down, first route gets removed from routing table. (Ugly)

    or

    SPT + Inter VLAN Switching (not sure).
    Every ethernet interface goes into this vlan, and routes point to the next hop (not interface). SPT should handle L2 connectivity issues.

    Are these the same as yours?

  2. spanning tree ?

  3. 1. Object tracking using IP SLA, pinging the remote end of the fibre link and removing the static route if this link goes down. (...but would it cope with the interface being 'up' again after failure and routing over to the radio?)

    2. Spanning Tree, blocking the radio interface.

    3. LACP, bundle both and use all the bandwidth.

  4. Yeah. The best way is to have etherchannel between them. In case of failure port will get down, and then less preferable route over wireless will do the trick. :)

  5. BFD with floating static

  6. Ivan, it's a very interesting problem. Please give some comments about UDLD and BFD usability to detect failures of fiber channel between converters... it's a very common case.

  7. Mikhail and anon, AFAIK, there is no support for bfd on 3750, and it's definitely that bfd will not be supported for static routes on 3750 (6500 sxf still don't have it).
    so etherchannel, or udld. but udld needs additional configuration with errdisable stuff, that's why, imho, etherchannel is better :)
    and yes, it's a very common case :)

  8. Everything you do to cope with this issue will be dynamic routing. Maybe not named explicitly. The simplest way is to change the boss.

  9. Actually, LACP over unequal bandwidth paths (not interfaces) may cause out-of-sequence frames, not packets, which will probably have a rather bad effect on throughput.

  10. I send you this information, with respect that it only be this one time. I will not SPAM you in the future. Your assistance or referral would be greatly appreciated.

    Now that you can claim yourself to be CCIE, its time to make your mark in the Telecom Industry working for the Best.

    Are you ready?

    Cisco Services/-HTTS Group
    High Touch Technical Support
    The High Touch Technical Support (HTTS) is a premium service that provides customers with technical assistance 24 hours a day, 7 days a week, from Cisco Advanced Services engineers who have a comprehensive understanding of their network, operations procedures, business processes, past problems, and present concerns. This is your opportunity to be exposed to new cutting edge technologies, multiple, diverse network environments all over the global. Are you ready to take your certification to the next level…..be the Expert in your field?

    Cisco Systems, Inc. is seeking a Consulting Support Engineers for Phoenix-Arizona, Columbus-Ohio and Somerset-New Jersey campuses. We will relocate the preferred candidate. You must be a US citizen.

    The following responsibilities are associated with this High Touch Technical Support Engineer position:

    --Role is dedicated support function providing reactive technical support to large Enterprise customer.
    --Will have a strong background in Routing Protocols and Large scale Architecture.
    --Acts as a technical expert in LAN Switching specific to CAT6K.
    --Provides second line phone/email/fax consultation to independently debug complex product problems.
    --Will provide systems/product training both internally and externally.
    --Acts as a focal point for large account network problem resolution.
    --Provides support on a world-wide basis.
    Successful candidate has the following experience, knowledge or proven capabilities:
    --Ability to work independently, as the position only receives minimal supervision with no instruction on routine work and general instruction on new assignments.
    --Ability to analyze, use and configure small to medium networks.
    --Proven crisis management skills.
    --Works on problems of diverse scope where analysis requires evaluation of identifiable factors.
    --Applies known solutions to solve problems.

    The following technical skills are required:
    --Routing Protocols
    --Large scale Architecture
    --LAN switching expertise specific to CAT6K

    Typically requires BS in CS or EE or equivalent plus 7-10 years related experience. You must have a current, completed CCIE to be considered. Candidate must be willing to be tested on strengths. Salary will be commensurate with experience, with exceptional Benefits and Stock options. We are competitive on our total compensation offerings. If you are interested in working for Cisco in this capacity then please submit your details and CV to injones@cisco.com. Only those candidates that meet the requirements will be contacted.

  11. Let's just say that I am amazed that someone working with/for Cisco would post such anonymous off-topic solicitations in an otherwise technical blog ... more so as you haven't asked me for any permission before doing so.

    I was considering deleting your post, but decided to leave it as it is.

  12. “his boss does not want to hear about a dynamic routing protocol.”

    The boss is an idiot and should be educated or removed. The questioner's time would be best spent finding out why the boss has an irrational fear against the right tool for the job.

  13. so, has anyone solved that problem with logical link checking on the 2nd lvl, coz I have the same problem? On the 3rd lvl the solution is track+rtr+route-map.

  14. oh.. thanks. i'm investigating ur blog now. many new useful things for me.... thanks a lot Ivan.

  15. Why not configure the path cost and assign a priority port.

    http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_11_yj4/configuration/guide/swmstp.html#wp1039394

  16. Coming in a bit late here, but...

    Has the OP looked at how the media converter is set up? Many media converters have a test mode where a down link status is not passed from one side to another. Once you take it out of test mode, it will pass status. Usually it's a small push button, or a switch.

    Sean

  17. Make the links L2 links on the same VLAN, with the backup link spanning tree's cost higher.

    Configure VLAN interface on both 3750, and on that VLAN use the smallest possible MAC address table timeout. Spanning tree will do the rest....

    dan

  18. This is a common issue when using media converters. Problem is that line protocol is not being passed from the fibre to the switch. Even if the fibre drops, the switch still (rightly) sees line-protocol UP between itself and the media converter.

    Usually there are some dip switches you can flip that will allow the unit to pass line-protocol. Check the documentation or manufacturer's FAQ section.

    With the line-protocol issue fixed you just need to use static routes which include the interface syntax. Give the radio link a higher metric. Ethernet link drops, route gets removed and other link is used.

  19. The original problem was that somehow they could not get the link status indication from the fiber side of the converter to the TP side of it. If you get that fixed, the rest is easy (static/floating static routes).

  20. Hi,
    I have the same network schema, but I have no problem using RIP. I'll use RIP for automatic route change in case one of them fails.
    The problem is that I want application traffic to work on the main line and the rest of the traffic on radio.
    Any idea how I can do that? QoS based on destination address?

  21. c3750 supports object tracking with IP SLA. The combination of both can let us use static routing without ugly dynamic routing protocol. u need cisco ios 12-2.40S or later to do the jobs. cisco is the best.

  22. Well, I think that you should either do Etherchannel with those links or use EIGRP. This is a dynamic routing protocol, I know, but it does tracking of the neighborhood and can help when a device that should be there on the other side is not.

  23. I came across this post while searching for a similar problem of my own:

    Please consider the following:


    FWSM-6509 (Act) -> 3750E -> managed IPS -> 7206vxr-> ISP A
    | | |
    FWSM-6509 (Sty) -> 3750E -> managed IPS -> 7206vxr-> ISP B


    With the externally managed IPS devices (bridged interfaces that don't forward BPDUs) between the border router and the perimeter switch-stack, links on the 3750Es stay up even if a border router fails / reloads for maintenance, etc. (much like the media converters in the original problem). I have come across many of the same solutions that others have presented here only to discard them as:

    STP doesn't work since the IPS device discards BPDU's.
    LACP is not supported on the 7206vxr (even though lacp is listed as a supported feature on 12.4(24)T2). Etherchannel works fine but if only one link fails
    UDLD aggressive doesn't register the link loss

    The IPS devices have multiple in/out interfaces so I had created cross-stack etherchannels between the 3750 switch stack and each 7206vxr, attempting for greater redundancy - it seems that single links to the 7206 routers would make fault detection much simpler. I would prefer not to run a dynamic routing protocol in this area of the network, but I will if it is the "best" solution.

    Eagerly looking for the other 'in the meantime' solutions...

  24. This post is over two years old, the follow-up summary is here:

    http://blog.ioshints.info/2007/09/static-routing-with-catalyst-3750-and.html

  25. can't we use bfd both side on static routes ...


Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.