PFSense LAGG migration puzzle
-
Hi,
I have, I think, a question that is more switching related than PFSense related. However, PFSense makes it complex. So here we go.
I have a very basic setup where my PFSense is connected from LAN to INT1 of my switch1, which is connected to INT1 of another switch2.
I have a native vlan and some other tagged vlans on my LAN interface, and defined on my switches. All is well. Now I would like to introduce LAGG. My end goal is to migrate all VLANs on the LAN interface, including the native vlan, to a LACP config. My idea was to start with a new interface and migrate, and later add the LAN interface when it's not in use anymore.
So I configured OPT4 as LACP channel and connected to INT10 of my switch. INT10 is configured as static LACP. The channel came online. Now I configured another LACP channel on my switch1 and the first LACP channel on my switch2. The moment that channel is alive my switches stop working. I have to connect with serial and disable the LACP channel. Then things will work fine again.
This is the first time I'm performing this kind of migration, so I'm probably doing something stupid.
Good to know that all the IPs of the switches and the pfsense are in the native vlan on the LAN interface.
My end goal summarized:
- get lacp channel from pfsense to switch1 with LAN and OPT interface connected to trunkgroup1 on switch1
- get lacp channel from switch1 to switch2
- get native vlan and tagged vlans from LAN interface migrated to LAGG0 interface.
Hope somebody can help me solve this puzzle. Appreciated a lot!
Kind regards,
Mark
-
What kind of switches are we dealing with, are they stand alone or stacked?
-
Yeah what switches are these?
Why do you want to set up a lagg? You do understand that 1+1 does not = 2 ;) it = 1 +1.. Do you have a shitton of clients on this other switch you're uplinked to? And you need more bandwidth, failover?
So you want to have a fatter pipe to pfsense.. Because your internet is faster than the 1 link? You think ports are going to fail and you want failover?
-
Hi,
Thanks for the reply. I would like to introduce redundancy and that's why I want to set up LAGG.
However, the main goal is to learn from it as well. We're dealing with HP Procurve 2915-8G switches, stand alone.
Kind regards,
Mark
-
I am a little bit further. Just enabling spanning tree portfast did the trick as far as the switches are concerned.
I could enable both interfaces without killing my switched network. I am now migrating the vlans to the LACP interface. I think I have 2 options:
- Create new tagged vlan, assign interface and re-tag on all devices with the vlan tag (with this option I need to change the vlan tag on several devices) or…
- Create new tagged vlan, delete interface, delete vlan, change vlan tag on newly created vlan to old one, and assign interface, but then I need to re-configure all the firewall rules and the interface, dhcp etc again.
I have one vlan which I would not like to re-tag on all my hypervisors etc. But I also would not like to create all firewall rules etc all over again.
What is the smartest way to migrate a vlan, with a lot of rules to the new LAGG interface, without changing the vlan id?
Thanks,
Mark
-