This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

VOSS redundancy design query

VOSS redundancy design query

gaurav-pandya
New Contributor II

‎08-29-2023 03:30 AM

Hello All,

We have already extreme switches 5520 VOSS platform running in vIST mode and connected to firewall (with LACP) on LAN side. 

We want to achieve redundancy on DMZ and WAN side as well. I am attaching diagram for reference. We are planning to purchase 5520/5420 for DMZ environment and want to achieve redundancy. I have question regarding design.

1. Should I configure vIST and LACP configuration on DMZ environment? OR

2. I should configure simple LACP and mlt configuration on DMZ switches?

Which option would be the best one?

 

Design.PNG

 

4 REPLIES 4

gaurav-pandya
New Contributor II

‎08-30-2023 03:52 AM

Hi,

We are already using LACP MLT config on 5520 connected to firewalls with LACP on LAN side. It is working with no issue.

My question here is should I use vIST or simple LACP design for DMZ.

0 Kudos

WillyHe
Contributor
In response to gaurav-pandya

‎08-30-2023 08:02 AM

Hello,

Yes , you should use vIST setup in the redundant switch on the DMZ side.
Only then you can connect the firewalls and DMZ servers with LACP to the DMZ vIST cluster switches.

regards
WillyHe

0 Kudos

gaurav-pandya
New Contributor II
In response to WillyHe

‎08-31-2023 03:29 AM

Ok Thanks

0 Kudos

WillyHe
Contributor

‎08-30-2023 01:39 AM

Hello,

You should do the same on both sides of the FireWalls for the fastest failover.

You cannot make an LACP connection from a device (e.g. a FireWall, server system, ...) to a NON vIST setup, then the LACP would never form a trunk group..
It must be in a vIST setup.

regards
WillyHe

0 Kudos
GTM-P2G8KFN