Generally speaking: - LAG across switches is not possible. Stackable switches permit this, and some high-end chassis switches permit this. - LAG eliminates the need for spanning-tree. Avoid STP in your network if at all possible... Or rather, always design L2 networks so that spanning tree has nothing to do, i.e. there are never multiple paths. Note that each LAG is considered a single interface for STP purposes.
If you need survivability for entire switch failure, you either need: - cross-chassis LAG (Cisco's 3750 series is the cheapest option I know of) - L3 redundancy, not L2 - STP -Adam Joseph Hardeman <[email protected]> wrote: >Hey Everyone, > >So I can do the failover and yes all of the switches are managed. I did see >where to setup the LAGG on the pfSense system. I have to deconfigure the two >nics I want to use and then set them up in failover mode I think. On the >switch side, I was using 2 separate switches with rapid spanning tree on their >uplink ports and ports to the pfSense system to assist in fast failover. I >will give it a shot on Monday and see how it goes. > >Thanks. > >Joe > >-----Original Message----- >From: [email protected] [mailto:[email protected]] >On Behalf Of Chris Buechler >Sent: Sunday, September 11, 2011 1:04 AM >To: pfSense support and discussion >Subject: Re: [pfSense] NIC Failover > >On Sun, Sep 11, 2011 at 12:46 AM, Austin G. Smith <[email protected]> >wrote: >> I have had issues with stp on the firewall in this type setup previously. >> Mileage may vary for others.. >> > >If you're bridging, yeah that can be a concern depending on your config. >Failover lagg without bridging won't cause any issues with STP though. May see >switches on occasion that have an issue with a MAC quickly moving from one >port to another related to its CAM table, or sometimes with security features >on the switch, but that's pretty unusual with typical switch configs. And >usually in that scenario you're going to be on two diff switches anyway with >failover lagg. >_______________________________________________ >List mailing list >[email protected] >http://lists.pfsense.org/mailman/listinfo/list >_______________________________________________ >List mailing list >[email protected] >http://lists.pfsense.org/mailman/listinfo/list > _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
