Re: Dual switch (not stacked) in a rack with bonded server NICs

EB_Tech · ‎10-21-2022

I've got 2 switches in a rack with a trunk connection between them. The servers have 4 NICs with a bond0 for NIC1&3 and bond1 on NICs 2&4.

NICs 1&2 are on switch 1 and NICs 3&4 on switch 2.

Firewall gateway (out of my control) is at xx.xx.3.1

VLANs/SVIs 1 2 3

Switch 1 xx.xx.3.2 xx.xx.4.1 xx.xx.5.1

Switch 2 xx.xx.3.3 xx.xx.4.2 xx.xx.5.2

Switches have route 0.0.0.0 0.0.0.0 xx.xx.3.1 (to the firewall)

Bond0 xx.xx.3.x
Bond1 xx.xx.4.x

So what should the gateway be for the different bonds on the NICs to ensure redundancy? I could make it the firewall but then if the firewall ever changes I would need to change every NICs gateway.

For example, if switch 1 goes down and bond0 is pointing to xx.xx.3.2 will it still get out to the firewall when the bond is now only connected to Switch 2 through NIC 3?

It's my understanding that the bond will failover but is it smart enough to know the gateway is to a different VLAN/SVI and then to the firewall? Or is there a way in linux to have a backup gateway or maybe leave the gateway empty?

Any help is appreciated. I'm still learning and networking is not my main area of expertise lol.

Edit:

2x Cisco C9300
Attached basic layout pdf

balaji.bandi · ‎10-22-2022

i would advise deploying HSRP on the switch for redundancy

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Georg Pauwen · ‎10-22-2022

Hello,

post a schematic drawing of your topology, showing how your devices are connected. Is the redundant firewall already in place, or is that a fiuture option ? Also, what type/model switches do you have ?

EB_Tech · ‎10-22-2022

Just attached a pdf of the layout.

The firewall is for remote access into the systems. I'm only responsible for the rack itself with the 2 C9300 switches and servers.