I have two L3 switches, each in one of two buildings. They are interconnected and should behave like a single large switch for both buildings together. I've heard that there is a technology called "switch stacking", where multiple switches behave like a single switch. As far as I know, it's not possible with the switches we have, nor with Mikrotik switches.
A simplified version of my setup is shown in the network diagram below: building A and building B have their own switches, which are connected through multiple cables (link aggregation). There are VLANs (VLAN 1 and 2) that are available in both buildings (both switches). And there are VLANs (VLAN 3 and 4) that are only used in one building, but they also need to be reachable from all other VLANs, within the same building as well as from the other building. There are also a number of firewall rules on the L3 switches to control traffic between the different VLANs.
There are two goals:
- Network packets should use the fastest link to their destination: a network packet from a device in VLAN 1 in building B to another device in VLAN 1 in building B should not be routed through L3-Switch A. That's why L3-Switch B has another IP. Challenge: the DHCP server for VLAN 1 needs to know whether a device is in building A or building B to assign the appropriate default gateway (10.1.1.1 or 10.1.1.2). In my actual setup, switch B currently behaves like an L2 switch, which means that everything is routed through switch A, which limits bandwidth (aggregated links between buildings vs. switch backplane).
- No manual replication of switch configuration (especially firewall rules to control traffic between VLANs). There are more or less complex firewall rules between VLANs, so it would be quite a large effort to maintain them on both switches, especially if another default gateway (switch B) comes into play.
As far as I understand, there are 3 approaches. Please correct me if I am wrong:
- Stackable switches = multiple switches which can be configured to behave as a single large switch. This would be the most convenient and best-performing option. It's only available for expensive switches from specific manufacturers.
- Routing on the Mikrotik router, which then handles all communication across VLANs. Advantage: a single point of firewall configuration (filter rules between VLANs). Disadvantage: the bottleneck is the link from the switch(es) to the router and of course the routing performance of the router. Would the routing performance of the L3 switch via its backplane be higher?
- Routing at switch level (as shown in the diagram). Advantage: highest performance through the switch backplanes, also in routing scenarios; the only bottleneck is the building interconnection between the switches. Disadvantage: complex setup, because firewall rules have to be duplicated manually and maybe adapted per building/switch. The DHCP server needs to know in which building the network client is in order to assign the correct default gateway (switch A vs. switch B).
Which of the three alternatives would you prefer from a practical point of view? Do you see any further alternatives?
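The DHCP challenge from goal 1 (handing out 10.1.1.1 or 10.1.1.2 depending on the building) is normally solved by letting each L3 switch relay VLAN 1 DHCP requests from its own VLAN 1 interface: the server then sees the relay address (giaddr) of whichever switch forwarded the request and can key the gateway on it, optionally cross-checked against the switch name the relay puts into Option 82 (RFC 3046 Relay Agent Information). The Python below is an added example, not part of the original post and not any particular DHCP server's configuration; it shows the server-side decision as standalone code. The relay table, the remote-id strings, the packet contents and the hypothetical client MAC are constructed for illustration. The security caveats built in: Option 82 is only meaningful when a trusted relay inserted it, so a copy arriving without a relay is treated as forged (a relay is expected to drop or overwrite client-supplied Option 82), and a giaddr that is not one of the two known switches is rejected rather than served.

```python
"""Pick a building-specific default gateway from a relayed DHCPDISCOVER.

Added example (not from the original post). Assumptions: each L3 switch
relays VLAN 1 DHCP from its own VLAN 1 interface, so giaddr is 10.1.1.1 for
switch A and 10.1.1.2 for switch B, and the switch inserts Option 82 with a
remote-id naming itself. Relay table and remote-id strings are hypothetical.
"""
import ipaddress
import struct
from typing import Dict, Optional, Tuple

MAGIC_COOKIE = b"\x63\x82\x53\x63"
OPT_MSG_TYPE = 53
OPT_RELAY_AGENT = 82          # RFC 3046 Relay Agent Information
OPT_PAD, OPT_END = 0, 255
SUB_CIRCUIT_ID, SUB_REMOTE_ID = 1, 2

# Hypothetical relay table. Gateway == relay address because the switch's
# VLAN 1 interface is also the building's router (10.1.1.1 / 10.1.1.2 are the
# two gateways named in the post).
RELAYS = {
    "10.1.1.1": {"building": "A", "remote_id": b"switch-a", "gateway": "10.1.1.1"},
    "10.1.1.2": {"building": "B", "remote_id": b"switch-b", "gateway": "10.1.1.2"},
}


def parse_tlv(data: bytes, pad_end: bool) -> Dict[int, bytes]:
    """Parse code/length/value triples. DHCP options use PAD and END codes;
    Option 82 sub-options do not, so pad_end=False treats 0 and 255 as data."""
    out: Dict[int, bytes] = {}
    i = 0
    while i < len(data):
        code = data[i]
        if pad_end and code == OPT_END:
            break
        if pad_end and code == OPT_PAD:
            i += 1
            continue
        if i + 2 > len(data):
            raise ValueError("truncated option header")
        length = data[i + 1]
        value = data[i + 2 : i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        out[code] = out.get(code, b"") + value   # RFC 3396: repeated codes concatenate
        i += 2 + length
    return out


def parse_dhcp(packet: bytes) -> Tuple[str, Dict[int, bytes]]:
    """Return (giaddr, options). giaddr is the relay that forwarded the
    request, or 0.0.0.0 when the client reached the server directly."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    giaddr = str(ipaddress.IPv4Address(packet[24:28]))   # fixed BOOTP offset
    return giaddr, parse_tlv(packet[240:], pad_end=True)


def choose_gateway(packet: bytes) -> str:
    """Select the default gateway to offer, keyed on giaddr and cross-checked
    against the Option 82 remote-id. Raises ValueError for anything that
    should be dropped instead of answered."""
    giaddr, opts = parse_dhcp(packet)
    relay_info = opts.get(OPT_RELAY_AGENT)
    if giaddr == "0.0.0.0":
        # No relay in the path: a client on the server's own segment can put
        # anything into Option 82, so its presence here means a forged packet.
        if relay_info is not None:
            raise ValueError("Option 82 without a relay: forged, drop")
        raise ValueError("no relay information, building unknown")
    relay = RELAYS.get(giaddr)
    if relay is None:
        raise ValueError(f"unknown relay {giaddr}, not serving")
    if relay_info is not None:
        remote_id = parse_tlv(relay_info, pad_end=False).get(SUB_REMOTE_ID)
        if remote_id is not None and remote_id != relay["remote_id"]:
            # giaddr and remote-id disagree: misconfigured or spoofed relay.
            raise ValueError(f"remote-id {remote_id!r} does not match relay {giaddr}")
    return relay["gateway"]


def build_discover(giaddr: str, relay_info: Optional[Dict[int, bytes]] = None) -> bytes:
    """Construct a minimal relayed DHCPDISCOVER (test fixture, not captured
    traffic): 236-byte BOOTP header, magic cookie, options, END."""
    header = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        1, 1, 6, 1,                        # BOOTREQUEST, Ethernet, hlen 6, hops 1
        0x12345678, 0, 0x8000,             # xid, secs, flags (broadcast)
        b"\0" * 4, b"\0" * 4, b"\0" * 4,   # ciaddr, yiaddr, siaddr
        ipaddress.IPv4Address(giaddr).packed,
        b"\xde\xad\xbe\xef\x00\x01".ljust(16, b"\0"),   # chaddr (made-up MAC)
        b"\0" * 64, b"\0" * 128,           # sname, file
    )
    options = bytes([OPT_MSG_TYPE, 1, 1])  # DHCP Message Type = DISCOVER
    if relay_info:
        body = b"".join(bytes([c, len(v)]) + v for c, v in relay_info.items())
        options += bytes([OPT_RELAY_AGENT, len(body)]) + body
    return header + MAGIC_COOKIE + options + bytes([OPT_END])


if __name__ == "__main__":
    pkt = build_discover("10.1.1.2", {SUB_CIRCUIT_ID: b"ether5", SUB_REMOTE_ID: b"switch-b"})
    print(choose_gateway(pkt))   # 10.1.1.2, i.e. building B's own switch
```

In a real deployment this logic lives in the DHCP server's configuration (most servers can select a pool or option set by relay address or by Option 82 contents) rather than in custom code, but the checks are the same: only answer requests relayed from the two known switch addresses, and let the relay address, not anything the client sent, decide which building the client is in. Blocking DHCP server traffic from untrusted ports (DHCP snooping or the equivalent on the switches) is the complementary control on the access side.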