Switch fault tolerant setup

    One question came in place, when we started to think about dual switch configuration for "switch fault tolerant" setup. I can easily support that in Linux and Windoze servers, but how can I connect pfsense box to both switches?

    I have VLAN-s on my "LAN" port and everything is VLAN based. In addition, I have still one 1Gb ethernet port free on the box. The whole FW setup is failover-based (CARP) on two boxes.

    What if I connect that free port to the second switch and bridge it with the original LAN port? Of course, with a few Rapid STP tricks on the switches. The same applies for the "backup" pfsense box…

    Is this a good way to start thinking about?

    Thank you, Jan Zorz

  • I did some minor testing of the netgraph one2many functionality under pfSense.
    This may or may not be of any help in what you are trying to achieve. For more details, see the man page:
    If the functionality is indeed working properly, it might be possible to get the functionality added to the gui with a reasonable bounty.

    Just a quick update on this... I managed to do it with bridging another interface with my LAN interface and setting R-STP on switches...

    At first it was not working, because you indeed have to add pf rules also to the bridged interface to allow traffic, which makes no sense networking-wise, but, nevermind, it works in the end.

    The problem arose with VLAN-s. No way to make it work. Not with the bridged interface; then I created a VLAN with the same id on the bridged interface, still nothing; then I bridged VLAN-s with the same ID on both interfaces together, nothing...

    So I gave up for now...
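The update above hinges on two bridge members and RSTP on the switches keeping the redundant path loop-free. As an added example (not code from this thread or from pfSense), here is a small Python check that parses `ifconfig bridge0` output in the format FreeBSD prints it and flags a member that was added to the bridge without the STP flag, or a bridge not running RSTP. The sample output is constructed; the interface names em0/em1 and the MAC addresses are assumptions.

```python
import re
from typing import Dict, List, Optional

# Constructed sample of `ifconfig bridge0` output on a FreeBSD-based box (not taken from the thread).
# em0 participates in RSTP, em1 was added to the bridge without the STP flag (the loop risk we want to catch).
SAMPLE_IFCONFIG = """\
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:6f:1a:00:0b:00
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:0c:29:12:34:56 priority 32768 ifcost 20000 port 1
        member: em1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 2 priority 128 path cost 20000
        member: em0 flags=1c7<LEARNING,DISCOVER,STP,AUTOEDGE,PTP,AUTOPTP>
                ifmaxaddr 0 port 1 priority 128 path cost 20000 proto rstp
                role root state forwarding
"""

MEMBER_RE = re.compile(r"^\s*member:\s+(\S+)\s+flags=[0-9a-fA-F]+<([^>]*)>")
PROTO_RE = re.compile(r"\bproto\s+(\w+)")
ROLE_STATE_RE = re.compile(r"\brole\s+(\w+)\s+state\s+(\w+)")


def parse_bridge(text: str) -> Dict:
    """Parse ifconfig bridge output into the bridge protocol and per-member STP flag/role/state."""
    bridge: Dict = {"proto": None, "members": {}}
    current: Optional[str] = None
    for line in text.splitlines():
        m = MEMBER_RE.match(line)
        if m:
            # A new member block starts; record whether the STP flag is set on it.
            current = m.group(1)
            flags = {f for f in m.group(2).split(",") if f}
            bridge["members"][current] = {"stp": "STP" in flags, "role": None, "state": None}
            continue
        if current is None:
            # Header lines before the first member carry the bridge-wide protocol (stp/rstp).
            pm = PROTO_RE.search(line)
            if pm:
                bridge["proto"] = pm.group(1)
        else:
            # Continuation lines of a member may carry "role ... state ..." when STP is active on it.
            rs = ROLE_STATE_RE.search(line)
            if rs:
                bridge["members"][current]["role"] = rs.group(1)
                bridge["members"][current]["state"] = rs.group(2)
    return bridge


def audit_bridge(bridge: Dict) -> List[str]:
    """Return human-readable findings for a dual-uplink bridge that should be loop-protected by RSTP."""
    findings: List[str] = []
    if bridge["proto"] != "rstp":
        findings.append(f"bridge protocol is {bridge['proto']!r}, expected rstp")
    if len(bridge["members"]) < 2:
        findings.append("fewer than two members: no redundant uplink")
    for name, info in bridge["members"].items():
        if not info["stp"]:
            findings.append(f"{name}: STP not enabled on member (loop risk)")
        elif info["state"] not in ("forwarding", "discarding"):
            # A blocked alternate port shows "discarding"; anything else is worth a look.
            findings.append(f"{name}: unexpected STP state {info['state']!r}")
    return findings


if __name__ == "__main__":
    for finding in audit_bridge(parse_bridge(SAMPLE_IFCONFIG)):
        print(finding)
```

On a live box the text would come from running `ifconfig bridge0` instead of the constructed sample; one member in `discarding` is the expected steady state when both uplinks are connected and RSTP has blocked the redundant path.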


