An example of using OSPF, ECMP and a hardware stack (HW Stack) on Zyxel switches to make internet access fault tolerant in an enterprise-level network
In this scenario, we demonstrate how Zyxel switches use the OSPF and ECMP protocols and a hardware stack (HW Stack) to provide redundancy (resiliency) of internet access for an enterprise-level network.
Consider the following topology:
A multi-level local area network architecture is organized into the following hierarchy levels:
1. Access Layer
It is formed by switches operating at Layer 2 of the OSI model. Switches at this level provide users with ports and form virtual networks (VLANs) within these switches; they can be either modular or stackable devices. Access level switches can be connected to the distribution level over Gigabit Ethernet links. At this level, we recommend using GS1920 / GS2210 / GS3700 series switches.
2. Distribution Layer
It is formed by switches operating at Layer 3 of the OSI model. Distribution level switches connect access level switches to the central LAN switches, namely the core level switches. Distribution level switches can be connected to the core level via Gigabit Ethernet or 10 Gigabit Ethernet links (using SFP+ transceivers). At this level, we recommend using XGS3700 series switches.
3. Core Layer
It is formed by switches operating at Layers 2 and 3 of the OSI model. Core level switches aggregate traffic from distribution level switches. At this level, we recommend using XGS-4526 / XGS-4728F / XGS4700-48F switches.
Layer 2 redundancy will be configured between the GS2210 switches and the stacked XGS3700 switches.
The XGS3700 and XGS4500 series switches use the Spanning Tree Protocol for redundancy, since XGS3700 series switches do not support dynamic routing protocols.
In this case, the administrator needs to set up a static route on the XGS4500 and redistribute it into OSPF.
Below we consider each level in more detail.
At the Access Layer, we use the LACP protocol. For path redundancy, we recommend using LACP between access level switches and distribution level switches. Loop guard must be enabled on the access level switches to avoid loops. In our example, the distribution level switch is the gateway for clients, and Load Sharing (ECMP) is enabled on it.
ip route 0.0.0.0 0.0.0.0 172.16.10.254
ip route 0.0.0.0 0.0.0.0 172.16.10.253
At the Distribution Layer, we use ECMP for load sharing (installing several equal-cost routes) and the spanning tree protocols (STP, RSTP) to provide a backup path between the source and the destination. When one of the paths to the network core goes down, RSTP will open an alternate port so that traffic can still be forwarded to the uplink (i.e., to the core switches). Since the XGS3700 series switches do not support dynamic routing protocols, the Core_Sw4 and Core_Sw3 core switches need to be configured with a static route that is redistributed into OSPF.
ip route 10.10.0.0 255.255.0.0 172.16.10.252
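The static routes above can be checked offline before they are pushed to the switches. The following Python sketch is an added example, not part of the original article or of Zyxel's tooling: it parses "ip route" lines in the format shown on this page, reports which prefixes have several next hops (ECMP candidates), and shows what remains when a next hop fails. The function names and the /24 transit mask are assumptions; the "ecmp" state only means several next hops are configured, Load Sharing must still be enabled on the switch.

```python
import ipaddress
from collections import defaultdict

# Constructed samples built from the "ip route" lines quoted on this page.
DSW1_ROUTES = """\
ip route 0.0.0.0 0.0.0.0 172.16.10.254
ip route 0.0.0.0 0.0.0.0 172.16.10.253
"""
CORE_ROUTES = "ip route 10.10.0.0 255.255.0.0 172.16.10.252\n"

# Assumption: the page does not give the transit mask; /24 is illustrative.
TRANSIT_SUBNET = "172.16.10.0/24"


def parse_static_routes(text):
    """Map each destination prefix to its list of distinct next hops."""
    routes = defaultdict(list)
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[:2] != ["ip", "route"]:
            continue  # not a static-route line in the page's format
        # strict=True rejects a prefix with host bits set (net/mask typo)
        net = ipaddress.ip_network(f"{parts[2]}/{parts[3]}", strict=True)
        hop = ipaddress.ip_address(parts[4])
        if hop not in routes[net]:
            routes[net].append(hop)
    return dict(routes)


def audit(routes, transit_subnet=TRANSIT_SUBNET, failed_hops=()):
    """Report per prefix: path state after failures and off-link next hops."""
    transit = ipaddress.ip_network(transit_subnet)
    failed = {ipaddress.ip_address(h) for h in failed_hops}
    report = {}
    for net, hops in routes.items():
        alive = [str(h) for h in hops if h not in failed]
        state = {0: "unreachable", 1: "single-path"}.get(len(alive), "ecmp")
        report[str(net)] = {
            "state": state,
            "next_hops": alive,
            # a next hop outside the transit subnet cannot be resolved on-link
            "off_link": [str(h) for h in hops if h not in transit],
        }
    return report


if __name__ == "__main__":
    for name, cfg in (("DSw1", DSW1_ROUTES), ("core", CORE_ROUTES)):
        print(name, audit(parse_static_routes(cfg)))
    print("DSw1, .254 down:",
          audit(parse_static_routes(DSW1_ROUTES), failed_hops=["172.16.10.254"]))
```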
At the core level (Core Layer), we use the OSPF protocol to provide redundancy for the switches of the redundancy level. On the Cisco router, you must enable OSPF and advertise the default route to the core switches.
When a link between the core switches goes down, OSPF will recalculate the topology.
The core switches will add all VLAN interfaces and static routing entries to the OSPF area and then advertise them to all neighbors.
Attention! The client network segment must be separated from the OSPF routing domain.
On the DSw1 distribution level switch, Load Sharing (ECMP) is enabled, and 2 default routes are configured in the routing table.
When the link between DSw1 and Core_Sw3 or Core_Sw4 drops, RSTP will open the alternate port and all traffic will be directed to the core level switches.
Core_Sw4 # show spanning-tree config
Port  Info:
(b) State: FORWARDING
Port  Info:
(b) State: FORWARDING
Here is the core level switch routing table:
When the connection between Core_Sw1 and Core_Sw3 is lost, OSPF detects the loss of the neighbor and recalculates the topology.
Attention! This topology has some peculiarities.
The server and client will not be able to connect if they are in the same broadcast domain. This is due to how the SVI (switch virtual interface) works: it is always in the Up state, even if the switch port is in the Down state. Therefore, the client will not be able to connect to the FTP server at 172.16.12.250 if the connection between Core_Sw2 and Core_Sw3 is lost.
To prevent this, you need to separate the IP addresses of the servers and clients from the OSPF routing domain. When there is no connection between the Core_Sw2 and Core_Sw4 switches, Core_Sw4 will determine that the neighbor does not exist and recalculate OSPF.
You can view the configuration examples (configs in text format) for core switches in the archive CoreSw_config.zip.