07-12-2024 11:32 AM
I am looking to increase redundancy at a site by implementing HA with firewall. Currently only have single deployed but have purchased a second & starting to work on the connectivity. The firewalls are FPR1140's, while the switches are CBS350-24XT's
We currently use MS Hyper-V SET (Switch Embedded Team) to connect two server interfaces to our switches. In my testing I have found that if a server connection is lost, generally within 2-3 pings, everything is updated between the switch & server & connectivity is re-established with on the other interface.
Since the firewalls run in an active/standby arrangement, my thought was I could create a port channel on the firewall. Two interfaces going to the "primary path" switch, with a third interface in the channel going to the "secondary path" switch. On each switch, I then have a corresponding LAG member config. The two switches have their own LAG between them to allow traffic to transit.
Switch 1 will be the STP root bridge & Fast Link set to auto. This seems like would give us good resiliency if losing an interface, or entire network element. There looks to be a backup path that can be utilized once the LACP & STP protocols reconverge.
If FW1 fails, path should be SW1 > FW2
If SW1 fails, path should be SW2 > FW1
If SW1 & FW1 are both down, path should be SW2 > FW2
And vice versa.
Anyone have thoughts on this approach? I am trying to design around a network element SPOF.
Solved! Go to Solution.
07-12-2024 12:22 PM
No friend you need to connect SW as stack
Check this link it can help you
MHM
07-12-2024 11:36 AM
Are SW stack to each other ?
MHM
07-12-2024 11:59 AM
Not at the moment as I thought using STP would be sufficient. But I certainly can put them in a stack if that's what it's going to take.
07-12-2024 12:22 PM
No friend you need to connect SW as stack
Check this link it can help you
MHM
07-12-2024 01:17 PM
Excellent. Thank you very much for your insight & the link.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide