Thanks Jason for the details. I'm quite good from L3 and up, but I still never had to understand so much about L2 ;-))

> The problem you will/may encounter will differ based on the vendor of
> SWITCH1 and SWITCH2. Some vendors will handle it OK if the MAC is a
> multicast MAC, some will log a warning, some will not allow it and simply
> accept the first port, some will forward randomly.

OK, and it will be a multicast MAC, as far as I remember how CARP works. Would it mean the frame could be duplicated? Is there any good article/tutorial about this you're aware of?

> This is a pure vendor-implementation issue of how they forward frames
> and if their CAM/FDB/Forwarding Database/whatever they call it allows
> multiple entries and if it expires entries on ports that go down.

That's bad news :-(

> > switches, themselves connected together through one port. That setup
>
> With all that attention to redundancy, why not make the link between
> SWITCH1 and SWITCH2 two links or more?

I have to be honest: the posted schema is a simplified one. It is missing two pieces of information:

- There could be two levels of switches involved between servers and firewalls (from two different vendors!),
- The link between switches is a metro link.

That's why I am interested in having the lowest possible number of frames from one server being forwarded to remote firewalls. Routers will choose the right destination after the firewalls, but I would like to keep server<=>firewalls traffic as local as possible.

> If you have a relationship with the vendor, ask them.

Still not sure of the vendor. Should be 3COM.

> Or simply try
> it out and report back!

I don't have the hardware, I must plan this for the end of the month.

BR,
--
Sylvain COUTANT

ADVISEO
http://www.adviseo.fr/
http://www.open-sp.fr/