It depends on switch design. I tested HA with 3com Switch 3300. A Switch 3300 makes MAC address table on every VLAN separately.
I made three VLANs in a Switch 3300. VLAN-MAP VLAN1-Port1,2,3,4 VLAN2-Port5,6,7,8 VLAN3-Port9,10,11,12 I connected GB-1000s.GB-1000-1 is prior to GB-1000-2. GB-1000-1-EXT to Port1 GB-1000-2-EXT to Port2 GB-1000-1-PRO to Port5 GB-1000-2-PRO to Port6 GB-1000-1-PSN to Port9 GB-1000-2-PSN to Port10 Switch 3300 could learn HA MAC Address on Port1,5,9. When I forced GB-1000-1 to offline, Switch 3300 switched HA MAC Address to Port 2,6,10. I heard the ENTERASYS Vertical Horizon(Formerly the Cabletron SmartSTACK) can learn same MAC on different VLANS with farmware 2.4.1 or later and VLAN leaning Configuration in Extended Bridge Configuration/Device Control Menu setting to IVL. But I haven't tested it. I suggest you to check new firmware and release notes of your switch. /MORI Tomoya > Graham Jones wrote: > > It would be nice to use a single managed switch configured with two > VLANs to implement the External and DMZ network connections for each > GB-1000. The two switches are then connected together (one cable for > each VLAN) so that the switches themselves become a fault tolerant > pair - both VLANs survive even if one switch fails. > > We tested this with one GB-1000 prior to installation at the customer. > > When the GB-1000 is in INIT mode or SLAVE mode, each of its interfaces > (visible via their respective configuration IP addresses) has a > different MAC address - so a switch with two VLANs works correctly. > > When the GB-1000 is in MASTER mode ALL its interfaces (now > implementing the desired virtual IP addresses) show the same MAC > address. The switch with two VLAN then fails to operate properly > because it cannot handle the same MAC address across two separate > VLANs. > > So we have to connect one switch on the DMZ and the other on the > External network - which is OK until a switch fails. This would > completely break one network and neither GB-1000 will be able to see > any of its beacons on that network - so both GB-1000 will go to INIT > mode - and nothing works until somebody replaces the faulty switch. > > OK so we can work around this with more cheap switches or hubs so that > there is no single point of failure on any network. > > But it would be REALLY GOOD if the GB-1000 when in master mode had 4 > different MAC addresses, one for each network interface. Can this be > done?
