Seeking advice on technical possibility

  • 0
  • 1
  • Question
  • Updated 3 years ago
  • Answered
Customer plan to have separate VLAN on the switches for IPs from different segments. Each segment is not suppose to see each other. Also need to stack the switches for HA purposes. Below are their plan architecture.  Is your any expert able to advice the technical possibility? 

Photo of Norman Tan

Norman Tan

  • 170 Points 100 badge 2x thumb

Posted 3 years ago

  • 0
  • 1
Photo of Senguttuvan, Arun

Senguttuvan, Arun, Employee

  • 876 Points 500 badge 2x thumb
Hi Norman,

You could have IP forwarding disabled if you don't want communication between VLAN's. Find below the link for the article which has details about how to stack switches:

 How to create a stack with Summit switches

If you have further questions, I would recommend you to open a case with TAC. 
Photo of Mel78, CISSP, ECE


  • 1,044 Points 1k badge 2x thumb

The best practice is always use port-based VLAN. Meaning each VLAN should have only 1 IP Segment. To avoid broadcast chaos traffic from different IP Segments within the same VLAN. Even more so if you run multicast L2 IGMP and not L3 multicast.

The design above is very typical of HA. However, the issue is on your Firewall. Is your pair firewall stackable as well ? or running Cluster ? or running just a basic VRRP ?

This requires your stackable switch to be running either L2 LACP to the pair of firewalls if they are HA stack (Active/Active or Active/Passive), or L3 ECMP or OSPF ECMP or etc.

Many things to consider to have a seamless integration with your firewall in HA mode.

Photo of Norman Tan

Norman Tan

  • 170 Points 100 badge 2x thumb
Hi All,

Based on the diagram, i supposed that the below are the ones that we need to configure..
1.       Configuration of up to a maximum of 18 VLANs total for 4 switches

2.       Assignment of ports interfaces to respective VLANs

3.       Assignment of IP addresses to respective VLANs

4.       Configuration of Management IP

5.       Configure Hostname

6.       Configure Stacking

7.       Configure Link Aggregation

8.       Backup Configuration

9.       Upgrade of firmware ( If needed for stacking )

But i have one concerns, since one of the vlan will be sending and receiving multicast traffic, what do i need to configure on the switch for multicast traffic to flow through ?

Photo of Norman Tan

Norman Tan

  • 170 Points 100 badge 2x thumb
Hi All expertise,

Anyone could advise me on the configuration based on the attached diagram ?
What i am more concerns is the multicast traffic. Do i need to configure any multicast for it to work ? Basically some ports from vlans2 will be sending and receiving multicast traffic.

Thanks in advance!