I dropped a couple of routers into place, replacing a bunch of network-specific firewall interfaces with a backbone-type link and put several of the specific networks onto the routers. Basically, pushing the firewalls deeper into the core, and the routing further out to the edge.
NOTE TO MYSELF: It is all Radia Perlman's fault, which is to say -- spanning tree spanning tree spanning tree. Check it, then check it again and still again. There were several problems I ran into that were either caused by spanning tree configs being borked or that I diagnosed by looking at spanning tree. If any of your network devices on a vlan disagree as to what the root bridge ID is, then you have some kind of discontinuous vlan. If you have spanning tree on some but not all devices, you are going to run into all kinds of problems with loop topology.
Subscribe to:
Post Comments (Atom)
About Me
- regis
- Regis has worked as a network engineer since 1994 for small companies and for large companies.
No comments:
Post a Comment