RE: Network Design from Joseph L. Brunner on 2013-03-31 (Ccielab archives 03/2013)

From: Joseph L. Brunner <joe_at_affirmedsystems.com>
Date: Sun, 31 Mar 2013 07:07:26 +0000

Easy!

Just put a permit ip any any statement on any intermediary firewalls in all acl's as the first line, that are applied to all fw interfaces or on all routers...

Then asymmetric packets are bound to make it through!

Problem Solved, Design Validated

-Joe

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of aaron1_at_gvtc.com
Sent: Saturday, March 30, 2013 11:03 PM
To: Tony Singh
Cc: Cisco Fanatic; ccielab_at_groupstudy.com
Subject: Re: Network Design

How do you run dual L3 wan links with lan-side fhrp and maintain routing symmetry?

....and routing symmetry during fhrp failover...?

Aaron
----- Original Message -----
From: Tony Singh <mothafungla_at_gmail.com>
To: Cisco Fanatic <ebay_products_at_hotmail.com>
Cc: ccielab_at_groupstudy.com
Sent: Sat, 30 Mar 2013 22:54:24 -0400 (EDT)
Subject: Re: Network Design
is their a WAN that the 3945 connects to? does it run BGP?
a good design IMO is something that has dual links & meshed to account for single link/device failure scenarios, but is engineered enough to ensure no asymmetric routing /. routing blackholes and routing loops, run FHRP consider that your inbound/outbound routing or east to west is tested prior to production if you have the 3750-x then get two this makes them stackable and one less problem should the single device fail BR Tony On 31 March 2013 03:44, Cisco Fanatic <ebay_products_at_hotmail.com> wrote:
> My company hired a contractor who is a CCIE and I have learned some
> good things from him. But, still one question which I am not able to
> understand and can't get an answer for - What is considered a good
> network design? The answer I always get is "it depends". Understand
> that, so let me simplify in layman terms so that I can grasp the concept ...
> What is recommended if say you have a router (say 3945), a switch (say
> 6509) and access switches (3750x). How does this fit in "The Cisco
> Three-Layered Hierarchical Model".
> Should I consider 3945 as Core and 6509 as Distribution and configure
> InterVLAN routing on the 6509, OR, it's the other way around?
> -yuri
>
>
> Blogs and organic groups at http://www.ccie.net
>
> ______________________________________________________________________
> _ Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net _______________________________________________________________________
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Sun Mar 31 2013 - 07:07:26 ART

This archive was generated by hypermail 2.2.0 : Wed Apr 03 2013 - 19:06:19 ART