Aruba & ProVision-based
Showing results for 
Search instead for 
Did you mean: 

Replacing a L3 core-switch. Suggestions about design and maybe stack.

Occasional Contributor

Replacing a L3 core-switch. Suggestions about design and maybe stack.

Hi everyone! 

A little introduction:

If I'm posting this is the wrong location, or something like that please let me know. I'm new to the HPE Community :)

Alright. The story behind this is that I just graduated from a Networking Education, and just landed my first job a couple of months ago. Anyhow, was looking for a place do dicuss certain networking issues that I would come across, since I got no experience, and that we mainly use HP Networking Gear, it seems like this is a good place.

The issue:

The current issue I stand before is this;
We have  a L3 switch, that is acting like a core switch at one of our sites (please see attached topology):

The switch KOSS001, needs to be replaced. I had to restart it the other day, since that switch became unavailable with both SSH and console. Specs of the switch is below (from show tech buffers):

Product: HP J9145A
Name: HP 2910al-24G Switch
Date: Aug 22 2016 10:56:10
Build: 1784

If you look at the topology I have attached, you can see that the KOSS001 is a like a core L3 switch, and all traffic goses through it. About ~300 users. I need to replace this, since it has repeated problems.

What do you recommend?

The following would be some kind of speccs:

> Needs to be Layer 3
> Needs to be HP
> Needs a "stacking" solution (both for power redundancy etc).

Or do you got something else in mind? 

If the switch would fail today, the whole site would be affected.

Any suggestions or tips would be greatly appreciated. Thanks you all very much.

Best regards Conny.

Honored Contributor

Re: Replacing a L3 core-switch. Suggestions about design and maybe stack.

Well a grand total of 19 Switches distributed and inter-linked that it is possible that the Switch named KOSS001 (the one on the Hotel Server Room) is acting really as Layer 3 core switch? Is it actually the Default Gateway for all your VLANs? or is it just one Switch that is connected (so a real SPoF) to your two KOSR001 and KOSR002 routers (ports 21 and 22) and those ones provide, through their VRRP implementation, a Default Gateway Virtual IP Address (the where neither nor are actually used as DG IP Addresses, since those ones are binded to LAN physical interfaces of each KOSR router) for you entire network?

Is the KOSS001 really doing Layer 3 routing to KOSR001 and KOSR002?

Apart from that a real core with redudancy [*] should be made through the implementation of IRF (Comware based HPE Switches) or VSF (ArubaOS-Switch based Switches)...but then if I were you I would plan also to link KOSS003 and KOSS018 directly to the IRF/VSF Stack so a failure on KOSS003 on Outlet site will not impact on KOSS018 and its chains of other Switches on Glassworks site (it will impact only Outlet site chain of Switches).

Probably you should also reconsider how various access switches (e.g. the KOSS007, KOSS006 and KOSS008) are inter-linked together and how are linked to their core zone Switch KOSS003, the same could be said about Glasswork and Hotel zones.

[*] Power Supply redudancy can be implemented using both (some) Comware based Switch series and with Aruba 5400R zl2 (ArubaOS-Switch based Switch series). The Aruba 5400R zl2 (with zl v3 Modules only) in VSF loses its dual Management Modules (so VSF means no Management Modules redudancy, actually).

Respected Contributor

Re: Replacing a L3 core-switch. Suggestions about design and maybe stack.

I second the reply from parnassus.

Looking at your diagram vlan 11 seems only to exist in the Outlet location, so how can KOSS001 be L3 core switch for that vlan?

If you have enough links between the three locations I would consider using Comware switches with IRF in a ring configuration.

If possible try to connect all edge switches directly to KOSS001, KOSS003 and KOSS018.


Honored Contributor

Re: Replacing a L3 core-switch. Suggestions about design and maybe stack.

Each site has a "core" switch.

The 3 "core" switches are inter-linked.

The "core" on each site additionally acts as an edge switch for external services that are presented to each site.

There is a small number of Access switches, with a moderate amount of daisy chaining going on.

You have 3 sites, 300 users, and 19 switches, indicating fairly low-density patching is involved.

Your immediate problem is that you are not happy with your Hotel "Core". Fair enough: the 2910 is a $#!% switch. However based on the size of your network, it isn't easy to justify anything much fancier. 
You indicate you want something that stacks. If you can afford it, check out a pair of 2930s. If you need fancier routing, check out the 3800, although I think the 2930 should be sufficient.

In your position, I would be working towards continuous improvement by looking at:
 - through-patching instead of daisy-chaining, eg, use available structured fibre in the "Packing" wiring closet to patch the "Glass School" switch directly to the KOSS019 switch.
 - upgrade inter-site links to 10Gb
 - upgrade inter-switch links to 10Gb
 - implement switch-hardening, eg, DHCP snooping, loop-protect, broadcast control, disable telnet, enable Radius authentication
 - document your network fully (you have a good diagram)
 - what kind of monitoring do you have? Solarwinds, IMC, etc...?

Honored Contributor

Re: Replacing a L3 core-switch. Suggestions about design and maybe stack.

With 2930 @Vince-Whirlwind means the Aruba 2930F: consider that - with new planned software version that is going to be released soon - this switch series will support VSF (AKA frontplane stacking) with up to 4 members!

Edit: if neither VSF (frontplane stacking as per Aruba 2930F or per modular Aruba 5400R zl2 Switch series) nor Hardware Stacking (backplane stacking as per Aruba 2920 or Aruba 3810M Switch series) is really needed a cheaper (where "cheaper" means "with lesser features") Switch series (indeed very new, recently introduced), ArubaOS-Switch based too, is the Aruba 2540.