Hi, I need a redundant setup where the network I am connecting to can only give me two cables with dedicated IP addresses - no pools. I want to create a setup with two or more devices where, if the device I have plugged both cables into fails, the other device can continue to let the traffic on those cables and ports flow without having to move cables, and have no or as little traffic loss as possible.
Is this achieved through a stackable switch? If not, what other device or setup do I need to achieve this?
Stackable switches mostly are used to make a group of smaller switches appear to be one large switch. They in effect connect the backplane. This feature itself will not help solve your issue; mostly any manageable switch will work.
Now if you take 2 cables and physically plug them into a device and that device blows up, it is the same as cutting the cables. You would have to have 2 more cables to solve this.
Now let's take a commercial example where you really do this. You have 2 fiber cables coming in from an ISP running on diverse paths so they cannot both be cut.
The first way to run this is to run spanning tree. You would connect each fiber to a different switch and hook the switches together. The switches along with the ISP switches would choose a SINGLE fiber and disable the other. If it fails it would switch over in a couple of seconds. This assumes you do not need to use both paths for capacity.
The second way is to bond the ports together to make them appear as a single link. Cisco calls this EtherChannel but most vendors have it. The problem in your case is that you need this to go to 2 different switches. Switches that can do multichassis port bonding are kind of expensive. Still, even when you bond them together it does not always use both paths effectively; it really depends on the traffic. If you get a failure you are cut to 50% capacity but can use 100% in non-failure. It is unlikely you would get this implemented in any network that you did not control completely; few ISPs would offer this as a solution.
The most common way to solve this is with a layer 3 switch. This design is very similar to the spanning tree design in that you run 1 cable to each switch. You would run a routing protocol to detect any outages in the network and cause the failover. Unlike spanning tree, you can, if you work at it, manually load balance the traffic over both paths with creative routing. Again, if you fail a cable you lose 50% of your capacity.
Now, from experience doing this, when you get a hardware failure on a switch it will not actually totally fail. It will partially fail. It will do something like only pass certain types of traffic, or it will leave all the ports up but pass no traffic.
Thanks, your help is much appreciated. My setup is not with an ISP but rather an edge network where the network we are connecting to is just stingy about their ports. However, the same rules do apply.
I do know such devices that would allow me to do this type of setup are expensive.
I was looking at the following devices to do this for me, would appreciate a suggestion on these:
1. Netgear GS724TS - the cheapest stackable switch I could find and also has ACL which is the basic feature I need since the main network is already firewalled. It also supports IEEE 802.3ad Static or Dynamic Link Aggregation.
2. Juniper SRX220 Firewall in a cluster setup - Slightly more expensive but has full firewall features and supports active-passive setup.
3. Cisco Catalyst 3750 - Expensive switch but has all the bells and whistles; only want to go to this if the above or other options are all exhausted.
In terms of performance I am looking at an HTTP traffic load of 500 TPS of 1244 bytes in Packet/Frame Length per packet.
Yes, I have heard the 3750 does let you build EtherChannels across switches but I have never done it. I have only done it on 6500 series which are outrageous price wise.
This takes some very careful reading to find the exact models that support both the stacking feature and allow you to implement 802.3ad across the stack switches.
The only other ones than Cisco I know for sure support this capability are HP ProCurve but I don't remember the exact models.
Then again when you are looking to purchase expensive equipment that is what presales people at these companies are for.
So far in the places I have ever implemented multi switch port bonding I have never had a failure so I can't actually say how well it works.
...a comment on capacity on 802.3ad port groups. How much traffic they will pass depends on how many unique address pairs pass between them. It will use combinations of the IP and MAC addresses to select the path. So in the worst case, where you have attached a server and the switch is acting as the default gateway, since the IP and MAC addresses are always the same it will always take the same path, so at most it will use 1 no matter how many you bond. It works best when there are many different addresses on both sides of the path.
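The address-pair behaviour described in the last reply, as an added example that is not part of the original thread: a small simulation of how a bonded port group picks a member link per address pair. The XOR-and-fold hash is a simplified assumption (real switches use vendor-specific hash policies), and all MAC/IP addresses and frame counts are constructed.

```python
import ipaddress

def pick_link(src_mac, dst_mac, src_ip, dst_ip, n_links):
    """Map one address pair to a member link (simplified XOR hash, an assumption)."""
    mac = int(src_mac.replace(":", ""), 16) ^ int(dst_mac.replace(":", ""), 16)
    ip = int(ipaddress.ip_address(src_ip)) ^ int(ipaddress.ip_address(dst_ip))
    h = mac ^ ip
    h ^= h >> 16          # fold upper bits down so they influence the result
    h ^= h >> 8
    return h % n_links

def link_usage(flows, n_links):
    """Frames per member link for (src_mac, dst_mac, src_ip, dst_ip, frames) flows."""
    usage = [0] * n_links
    for src_mac, dst_mac, src_ip, dst_ip, frames in flows:
        usage[pick_link(src_mac, dst_mac, src_ip, dst_ip, n_links)] += frames
    return usage

# Constructed sample traffic (not from the thread).
SERVER = ("02:00:00:00:00:10", "10.0.0.10")
GATEWAY = ("02:00:00:00:00:01", "10.0.0.1")

# Worst case: one server talking only to its gateway, so a single address pair.
SINGLE_PAIR = [(SERVER[0], GATEWAY[0], SERVER[1], GATEWAY[1], 1000)]

# Better case: 64 client IPs reaching the server (same MAC pair, many IP pairs).
MANY_PAIRS = [
    (GATEWAY[0], SERVER[0], f"10.0.1.{i}", SERVER[1], 10) for i in range(1, 65)
]

if __name__ == "__main__":
    for name, flows in (("single pair", SINGLE_PAIR), ("many pairs", MANY_PAIRS)):
        for n in (2, 4):
            print(f"{name:12s} {n} links -> frames per link {link_usage(flows, n)}")
```

With one address pair every frame lands on the same member link regardless of how many links are bonded; with many pairs the same hash spreads the load.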