Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 39 subscribers
  • Views 8143 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Best way to physically connect switches

TijsKeijsers

I’m currently developing a network layout for a customer. They will get a XG230 (with FleXi port SFP+) and 3 Netgear S3300 switches. While thinking about how to connect the devices 2 options came to mind and i’d like to have your opinions about it.

Switch 1 will be in the central patch with XG230
Switches 2 and 3 will be in other wings in satellite patch points.

Option 1:

XG230
- SFP_1: Switch_1 -> Access ports
- SFP_2: Switch_2 -> Access ports
- SFP_3: Switch_3 -> Access ports
- SFP_4: (spare)

Option 2:

XG230
- SFP_1: Switch_1 -> Access ports
- SFP_2: (spare)

Switch_1
- SFP_1: Switch_2 -> Access ports
- SFP_2: Switch_3 -> Access ports

What is the best option? Let inter-switch traffic run through the XG230 and directly connect the switches? Or declare a master switch to act as a single distributor.

I’d like to hear your comments on this and specially the “why”.



This thread was automatically locked due to age.
Parents
  • 0

    Tijsk,

    welcome to community. Your question is more related to network design and implementation rather than XG. Anyway in a typical installation, you should configure your entire network to send all traffic to XG/UTM, so it can inspect it and block/allow. Also you can hava reports on how much data flows from one vlan to another and so on.

    In your situation, you can use 2 switches and connect both to XG, where a LAG has been created. Use the XG as router on the stick, so it knows all VLAN and you can inspect traffic and use policy rule to filter traffic.

    Also buy a second SG230 in order to eliminate the point of failure.

Reply
  • 0

    Tijsk,

    welcome to community. Your question is more related to network design and implementation rather than XG. Anyway in a typical installation, you should configure your entire network to send all traffic to XG/UTM, so it can inspect it and block/allow. Also you can hava reports on how much data flows from one vlan to another and so on.

    In your situation, you can use 2 switches and connect both to XG, where a LAG has been created. Use the XG as router on the stick, so it knows all VLAN and you can inspect traffic and use policy rule to filter traffic.

    Also buy a second SG230 in order to eliminate the point of failure.

Children
No Data
Unfiltered HTML