Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Can NIC teaming working Spanning tree protocol?

Posted on 2008-09-29
10
Medium Priority
?
3,614 Views
Last Modified: 2011-10-19
I have servers that have fault tolerance NIC teaming. I have several switches and would like to use spanning tree protocol. If enable spanning tree protocol on the ports that servers are connecting to, will the NIC teaming cause any issue?
0
Comment
Question by:atlasdev
  • 5
  • 2
  • 2
  • +1
10 Comments
 
LVL 13

Expert Comment

by:Quori
ID: 22601762
STP is to prevent network loops, you need to use LACP to enable teaming support on the switch.
0
 
LVL 11

Expert Comment

by:billwharton
ID: 22601810
atlasdev
when you do NIC teeming using LACP or another protocol, the switch is configured to combine two ports into a single port-channel. Then, spanning tree is applied to the port channel and the two ports are treated as one. You should be fine..
0
 
LVL 12

Expert Comment

by:Pugglewuggle
ID: 22602849
STP does work with multiple NICs when teamed into one channel using something like Cisco etherchannel or LACP. The link counts as one logical link and STP doesn't see it as a loop.
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
LVL 12

Expert Comment

by:Pugglewuggle
ID: 22602854
If you have Intel PRO NICs I know they for sure support LACP and Cisco Etherchannel because we've got some servers on the SAN setup that way and connected straight to the switch with a 4Gbps connection. Very snappy. :-)
0
 

Author Comment

by:atlasdev
ID: 22607534
Please see my newly attached picture for the configuration I would like to have.
Basically, I hope switch can achieve a kind of failover by spanning tree protocol like Cisco router's HSRP. And I also hope that a server can connect to 2 switch at one time. If say switch 1 failed, server 192.168.6.88 can still use switch 2 to gain network access.
Is what I want realistic?
SwitchFailover.gif
0
 
LVL 11

Expert Comment

by:billwharton
ID: 22607918
Exactly. 6.88 can connect to the two switches at L2 using LACP and it would send traffic over both links. If one link goes down the other link would be used. So your design would fine
0
 
LVL 12

Expert Comment

by:Pugglewuggle
ID: 22607933
Oh, like that - not two NICs connected to one switch. What you do then is make sure that a router (L3 switch preferably) is upstream and that the NICs have different IP addresses on the same network and with the same default gateway (usually on that router). This will work fine. STP has no problem with it at all. While they are "teamed" for redundancy, STP sees it as two separate links.
Let me know if you need more info!
0
 
LVL 12

Expert Comment

by:Pugglewuggle
ID: 22607938
OR as stated you can use LACP - it is really up to you. Sometimes issues can arise when using LACP on two physical switches - it's usually done so that the LACP channel goes to only one switch.
0
 

Author Comment

by:atlasdev
ID: 22619797
Sounds like I will have 2 IP addresses for one server. The switch will direct the traffic to the server by the IP address instead of the MAC address, right? This way when one switch fails, the server somehow by LACP will know to use the other switch for network access, right?
The problem is that I have NAT configured on the firewall to direct the web traffic to the servers. Does that mean have to configure 2 NAT statements on my firewall?
0
 
LVL 12

Accepted Solution

by:
Pugglewuggle earned 750 total points
ID: 22619945
That is right!
There can be up to a 60 second lag in the updating of info in the switches to only send data to one of the NICs. This teaming mode is called Switch Fault Tolerance (SFT) - provides failover between two adapters connected to separate switches. Switch Fault Tolerance supports two adapters per team. Spanning Tree Protocol (STP) must be enabled on the switch when you create a SFT team.  When SFT teams are created, the Activation Delay is automatically set to 60 seconds.  This teaming type works with any switch or hub. All team members must be connected to the same subnet.
I attached a document from Intel detailing this kind of teaming.
As far as the firewall goes, just create an object group and add those two IPs for the server into the object group for ACLs and then for NAT have two seperate statics for two separate public P addresses. Usually LACP is used in a LAN environment, but as I just explained, this can be done with a web server or other multi-homed device.
Just tell your web server app not to bind a site to any one IP address but to use all available addresses.

teaming.pdf
0

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question