mickinoz2005

Hardware Switch Failover how do you do it - can you do it for a small business

Hi there,

We have a client who has their equipment in a datacentre. They are not a big client, but they are using VMware ESX and they also have failover on their firewall.

The issue we have is that the switch we are using is really the main weak point, and although we do have a spare switch on site, in the event of a failure we have to do manual cable moving to get things working again.

Is there any way I can set up the switches to do failover? Let's assume we have not bought the switches yet, as we want to do up specs for new ones.

Our firewalls and other equipment only have one LAN connection available out of them, so I am thinking we cannot do this unless we had some sort of switch backbone or something.

Any ideas, anybody?

Mark Wood

What type of internet connection are you using? (Roadrunner, DSL, etc.)
If you have physically only one line between points, then use a single switch with good MTBF and redundant PSUs (and power) from a good vendor (Cisco, Nortel, Extreme?); otherwise, your internet connection will be the weakest link.
akalbfell

Can you provide a basic diagram? Are the switches just layer 2 or are they doing L3 routing also?

mickinoz2005

ASKER

Hi,

Attached is a very crude network drawing. The switches are not L3 / L2 as they are not purchased yet. Currently there are two unmanaged switches there which are to be replaced, hence why I want to try to find the best solution. I don't want to spend thousands of euros on two switches as the client will not pay; however, they will pay a reasonable fee, but that is for later. Getting a solution or options now is more important.

I just can't see how I would provide redundancy for physical links...

Thanks for your help in advance.
Drawing1.jpg
Assuming each server has 2 connections you can put in a team, I would get two L3 switches and run HSRP between them. Plug 1 connection of each server and the primary firewall into 1 switch and the others into the other switch. Have the firewalls not only monitor their connection to the router/internet but also monitor the connection to the switch to determine if there needs to be a failover.
Then your primary switch could fail and everything should keep working just fine.
Yeah, not sure if the firewall can monitor its connection to the switch though. Think there lies an issue.

Can I ask, and being really stupid about this: if I have a server with two NICs and they are in a team, and I connect 1 to one switch and the other to the other switch, but let's say the switches are just unmanaged but are uplinked to each other, will I have problems and what would they be?

We also have some other devices that have single LAN connections that are currently going into the switch, such as ILO ports / SAN management ports and also an SSL VPN device.

Hence why I was looking for the switch failover concept.



ASKER CERTIFIED SOLUTION
akalbfell

They are SonicWall NSA 2400 devices. Was just checking there and they can do probing; however, I can only see one address that they can probe, which would not be good enough.

Pity you can't buy two 24-port switches in one box with dual PSUs and some magic way to failover...

I know, being silly, but you kinda wish...
Yeah, it's kind of dumb that on a router or firewall or whatever, the most basic devices, you have some sort of failover mechanism, but not really with a switch. You could always go get a modular switch and get dual PSs and get the redundancy you need, but it costs a lot more money. Maybe someone smarter than me has a better solution. If you design it right you can definitely have a little more redundancy without spending a lot than just leaving the second one unplugged, waiting for the primary to fail and someone to go there and switch some cables, though.
Thanks to akalbfell for supporting my idea in this question ;)
I'm not... you said get one good switch. I suggested two, even if they are unmanaged, and put a firewall and one NIC of each server into each switch and trunk the switches. You save yourself in more scenarios with this method rather than one redundant switch.
Also, if your weakest link when talking about equipment in a data center is the internet connection, you are doing just fine. They should handle all the redundancy in regards to your connection to the outside; that is what you are paying them for. :-) If it was your office then there is a whole new discussion involving good old Mr. BGP.
Thanks for your help...
Here is the easiest way to do this. Just plug in a NIC from the server to each switch.


untitled-copy.bmp
The absolute best way to do this is with 3 switches: 1 for your PCs etc. and 2 for the server failover. Then run a cross connect from each of the server switches to the PC switch. This can all be done with inexpensive switches.