I'd like to offer my datacenter customers a second access port, for redundancy. Looking through Cisco docs, they seem to recommend:
- server S connects to two access switches, a1 and a2, in a "V" configuration
- each access switch connects to core switches cA and cB, in a "V" configuration
- core switches trunk together
- Rapid PVST+ used in the core/access network
I have two wrinkles:
Instead of connecting each access switch to both core switches in a "V", I'd prefer to just connect access switch aA to core cA, and access aB to core cB; then trunk the two core switches together. This would form a "square" between the four switches.
The second wrinkle is that the "access switches" are customer-owned. They may be Cisco, Dell, Netgear, whatever. Is Rapid PVST+ (with root guard) a wise choice to run on the core switches? There's a Dell whitepaper that recommends setting Dell to Rapid, but leaving Cisco at the default settings (PVST+).
> I'd prefer to just connect access switch aA to core cA, and access aB to core cB;
That's fine.
On the second part, any time you are using the client's switches, regardless of who makes them, you may have issues. You are going to have to test each of the various switches as the client brings them in. Once you learn the correct setup for a brand of switch, you will need to standardize for that brand of switch.
Ouch. I suppose I could require that the hosting center own and manage those two switches in the customer cabinet (and bump up the price). Probably most of the customers will have dual firewall, rather than dual switch, so will not need STP.
Do most hosting centers run BPDU guard, to prevent customers from hooking up a pair of connected switches to the redundant Ethernet ports? I have a couple of customers who want to plug their pair of switches into redundant ports.
If the colo customer has two switches, I wonder why I wouldn't just hand them two layer-3 interfaces running HSRP? I wouldn't need to run STP at all.
With two layer-3 interfaces to the customer, if (for example) the link between their two switches went down, then there could be a serious problem: I might send all their traffic to switch A, but some of their servers may only be sending/receiving traffic via switch B. Using a pair of bonded 802.3ad links between customer switches would help avoid that possibility.
With two layer-3 interfaces to the customer, if one of the customer switches quit forwarding packets, but kept providing link, then that would also be bad (much worse than if running STP through the customer's switches). But is that a common-enough problem to worry about?