Multiple vlans and multiple nics



  • Hi,

    Ive set up  multiple vlans 10, 20, 30 and 40, Im now trying to connect them to 2 managed switch for redundancy. Is the best way to do this to bridge the interfaces? I've read alot of places say you shouldn't use bridges as it can cause issues and I've had a few myself but are there any other alternatives?

    Thanks



  • First off, read up on spanning tree protocol or, if you really want to get fancy, shortest path bridging.  You'll find you'll need 2 interfaces on everything that you want to be redundant, along with duplicate switches.  Of course, the main question is how much redundancy do you want/need?  In a typical network end systems, other than servers and perhaps routers do not have redundant.connections.



  • Hi,

    Thanks but my main issue at the moment is getting all the vlans to work on both switches, do I bridge the interfaces or is there another way?

    Thanks



  • @Jimmyp84:

    Hi,

    Thanks but my main issue at the moment is getting all the vlans to work on both switches, do I bridge the interfaces or is there another way?

    Thanks

    That's why I pointed to spanning tree.  With redundant networks, you need some way to appropriately forward frames through the redundant switches, without creating loops that could cause broadcast storms.  If you're doing that with pfSense too, it will need 2 interfaces on the LAN side.  However, I don't know that it supports spanning tree.  Routers from Cisco, Adtran, etc., may have built in switches that support it.  So, failing that, you'd have a single pfSense interface connected to a switch and use spanning tree from that switch to provide redundancy, through multiple switches, without allowing broadcast storms.

    Before creating a redundant network, you have to understand how redundant networks work.



  • Hi, thanks for the reply. The switches I have include spanning tree as does pfsense, so hopefully I shouldn't get any loops. But I'm still confused how to connect the 2 switches to pfsense.

    Thanks



  • @Jimmyp84:

    Hi, thanks for the reply. The switches I have include spanning tree as does pfsense, so hopefully I shouldn't get any loops. But I'm still confused how to connect the 2 switches to pfsense.

    Thanks

    Read this about bridging interfaces, including spanning tree.

    https://doc.pfsense.org/index.php/Interface_Bridges

    You might also want to read about spanning tree priority, so that the spanning tree root appears where you want it, that is next to your Internet connection, servers etc.  Otherwise, it will be determined by whichever device has the lowest MAC address and that could be anywhere. Depending on spanning tree version, it may be possible to do that on a per VLAN basis.



  • For redundancy, one normally uses a protocol. Google for 802.3ad

    And in pfSense, this might be what you are looking for: https://doc.pfsense.org/index.php/LAGG_Interfaces

    You can find that in interfaces>assignments>LAGGs (last tab)


Log in to reply