BladeSystem - General
cancel
Showing results for 
Search instead for 
Did you mean: 

Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

SOLVED
Go to solution
Igor V Abzalov
Super Advisor

Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

Hello. Help me please to understand right configuration for connecting to LAN my c7000 + BL460c G6 + 2x Cisco 3120.
We have 8 BL460c G6 servers. They divide in two server's groups (SGroup1 and SGroup2). On each server in each group i want to use HP Network team on NIC1 and NIC2 interfaces. SGroup1 servers are all in one vlan. SGroup1 servers are all in another vlan. We want to use Cisco 3120G as L2 switches (if it is possible) because our core switches are 2x Alcatel OmniSwitch 7800 and all rounting is on them. All vlan's are defined on Alcatel OmniSwitches. For high availability of servers - do we have to stack two 3120G or use them like 2 switches ? How do you connect BL460c and c7000 to LAN ?
36 REPLIES
Lmm_1
Honored Contributor
Solution

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

Igor, I'd recommend stacking the switches, this way the servers will be connected to a single switch regardless of the port mapping architecture, having said that you will be able to configure the Teaming on SLB or LACP mode(2Gb Tx/Rx). Regarding the uplink connection with the Alcatel switch, you can create a single LACP Channel on the Cisco side using ports from both 3120s, the channel must be configure as a trunk in order to pass both VLANs.
Igor V Abzalov
Super Advisor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

Thank you.
Can i manage Cisco 3120G through "external" port, where trunk connection with Alcatel will be? And how to config 3120G STP such way, that it will never be the root switch in STP tree? I need to setup Cisco 3120G such way, that only Alcatel will be the root.

And what about internal backplane connection between 2 Cisco ? Shall i use it or disable it ?

Cisco Fa0 conenction with Onboard administrator - shall it be in VLAN 1, or i can use any VLAN ID which i want ?
Lmm_1
Honored Contributor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN


#1. Yes, you can manage the switch using an inbound management interface, SVI. It can be on any VLAN, of course it must be one of the VLANs passing across the Trunk, ie:

#int vlan x
#ip address x.x.x.x x.x.x.x
#no shut


#2. With the suggested config there is no need of STP at the 3120, you can disabled on VLAN basis with this command:

#no spanning-tree vlan x

If you want to enable it anyways, you can increase the priority value to make sure the 3120 will not become the root (higher than default which is 32768, maybe 40960), it can be done on VLAN basis with the following command:

#spanning-tree vlan x priority x


#3. With the suggested config, using stacking links, the Cross-connect will be disabled automatically.


#4. Fa0 is an L3 interface, it doesnt belong to any VLAN, if you are going to use and inbound management interface (question 1), I'd recommend to disable Fa0 and use the SVI only.
Igor V Abzalov
Super Advisor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

Thank you for detailed explanation.
How do you recommend to divide access for this Cisco in our situation? We have two gorups of admins (Servers and Network). We want that Servers group have "read-only" access to both Cisco through Fa0 interface in OA network (for http,snmp interface to 3120G) . Network group - full access through external port connection. Are there any roles in Device Manager or it is assume full access to Cisco 3120 ?
Lmm_1
Honored Contributor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

Igor,
I would recommend using only one management interface, HTTP access requires a level 15 login which means full access. If you are going to use only one account per group, I'd recommend using the local database for login, you can limit privileges with the different levels provided by cisco, you can use something similar to this:

# user server privilege 3 secret {password}
# privilege exec level 3 show startup-config
# user server privilege 15 secret {password}

#line con 0
#login local
#line vty 0 15
#login local
#ip http authentication local

If you want to use more accounts, like one per person maybe, I'd recommend usin AAA with an external authentication server (RADIUS or TACACS), it will give you control to privileges for each user.

>lmm


Lmm_1
Honored Contributor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

Fixed example:

# user server privilege 3 secret {password}
# privilege exec level 3 show startup-config
# user network privilege 15 secret {password}

#line con 0
#login local
#line vty 0 15
#login local
#ip http authentication local
Igor V Abzalov
Super Advisor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

Well. Let's look at Onboard Administrator. Could i make read-only acccount on it for Network group and full-access acount for Servers group ?
Lmm_1
Honored Contributor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN


Under Users/Authentication you can choose privelege levels or permission by specific server bays and interconnect bays.
Igor V Abzalov
Super Advisor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

#2. With the suggested config there is no need of STP at the 3120, you can disabled on VLAN basis with this command:
#no spanning-tree vlan x

What is the best connection scheme for us ? We think to make 4 logical connections from 2 Cisco 3120G to 2 Alcatel 7800 (2 1000BASE-T cables per connection).Each of two 3120G we connect to each of two Alcatel 7800. As i understand we HAVE TO use STP because we have several links between Cisco and Alcatel and so we need prevent loops in LAN ?
Lmm_1
Honored Contributor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN


It sounds good, keep 3120s stacked, and create two chanels, one to each Alcatel. If you are connecting to 2 Alcatel Switches, then yes, you need STP. Im not really sure about Alcatel STP capabilities... Cisco 3120 will run PVST+ by default, I'd recommend running RSTP in both switches if its supported on the Alcatel side.
Igor V Abzalov
Super Advisor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

Well. We have launched c7000 yesterday. But Cisco telnet is not accesible yet. Should i use Console port for configure it for the first time ?
Igor V Abzalov
Super Advisor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

May be we must remove both switches now and install and configure first (left) switch alone?
Lmm_1
Honored Contributor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

It requires password set on VTY for telnet, you can access the switches by console and use the follwing commands>

Option 1
username priv 15 secret
line vty o 15
login local

Option 2
line vty o 15
password
login

Igor V Abzalov
Super Advisor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

We stack both 3120G switches and connect them to one Alcatel 6800. Network team said that will be problems if we connect Cisco to 2x Core Alcatel 7800 directly. They also wish to disable Fa0 on Cisco and manage switch through VLAN 1 external interface. Are there any aftereffects with such silution ?
Any way, as i understand, there are no default gateway on Fa0 interface? So i can't reach it from another network segment and have to connect PC to OA+Fa0 vlan.

Now i have problem with KVM and OA - some iLo's are blue on Health monitor and there is exclamation sign in Web-interface of OA. May be i have to connect triple-connector and customize "bad" iLo's through it ? There is a script for OA way but i don't know how to do it yet.
Lmm_1
Honored Contributor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN


Regarding the first question, you can disable Int Fa0 and manage the switch using the SVI on VLAN1, you can connect the 3120 stack to two switches but you must run STP. Regarding the iLO question, I'd recommend open a case with support.
Igor V Abzalov
Super Advisor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

I reconfigure my c7000 OA - disconnect blades with duplicate iLO IP's and then assign different IP for all problem iLo. It's all green now.

LAN connection is not complete yet. As i understand - i cannot assign speed 1000 for my BL460c NIC's with 10 Gbit/sec intefaces?
Lmm_1
Honored Contributor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

The NC532i will work as 1Gb card only when connected to a Cisco 3120, that behavior cannot be change.
Igor V Abzalov
Super Advisor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

So, if we connect both 3120G to one Alcatel 6800 (it is temporary solution) - can we disable STP and connect just one cable between them ?
Igor V Abzalov
Super Advisor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

And how to assign interface to vlan ?
Lmm_1
Honored Contributor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

1- Yes you can do it that way.

2 - #int vlan x
#ip address x.x.x.x x.x.x.x
#no shut
Igor V Abzalov
Super Advisor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

Our Network team said that Cisco does not see Alcatel STP Root, but see another Cisco in our LAN. Is it possible ?
Lmm_1
Honored Contributor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

I dont think so, that sounds confusing... They have to make sure both switches are running compatible modes
Igor V Abzalov
Super Advisor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

Hello. Now we have problem with NIC's on BL460c G6. 7 of 8 servers have strange problem. After rebooting of each server HP Network Team connection goes to state accuring network address and servers are unreachable!

Every server have Windows Server 2003 R2 EE SP2, SmartStart 8.60, latest firmware (Firmware CD 8.60 + Blade Firmware update). Only Windows Server 2003 x64 connect to LAN after restart. On all other servers i have to disable HP Network Team connection and then enable it!

HP Support tell me that it is software problem, not hardware.

I really need help.
Lmm_1
Honored Contributor

Re: Connect c7000 + 2x Cisco 3120G + BL460c G6 to LAN

Igor, what is the teaming mode? 802.3ad?