We use the same switch for everything and have it broken into untagged VLANs, which simulate breaking the switch up into smaller switches. We have two switches total with the same configuration, and one port on each is configured as a trunk (the switches are connected to one another). All servers have a connection to switch A and a connection to switch B. The servers are running an Ethernet bonding driver which only allows one active interface. We have two pfSense firewalls with a pfsync interface between them. Firewall A is connected to switch A and firewall B is connected to switch B.

http://www.nocturnal.org/quickexample.gif

Hopefully self-explanatory... just keep in mind that I have multiple connections between the switches and firewalls and do route the different "physical" switch segments through the firewall.

On Tue, 2005-12-13 at 01:00 -0800, Kevin Steger wrote:
> Hello,
>
> I have looked at the tutorial on the site for setting up redundant
> firewalls and I have a question. In the architecture on the first slide
> of the tutorial there is a single switch connecting the firewalls to the
> internet, and a single switch connecting them to the lan. I'm sure that
> this is done to simplify the example, but does there exist anywhere an
> example using redundant switching hardware as well? I have 2 database
> machines I'm dropping in a colo and I want redundant firewalling and
> IpSec VPN.
>
> Thanks much.
>
> --
> Kevin
