Hello
we have a 2 switch stack (MS425-32)
Stacked with Port 33 SW1 going to Port 34 on SW2 and Port 34 SW1 going to Port 33 SW2
Stack is good and healthy.
We have a aggregate on port 1 on both switches that face a firewall
| Port status | Enabled |
| Type | Trunk |
| Native VLAN | 666 |
| Allowed VLANs | 123 |
| Access policy | Open |
| Link negotiation | Auto negotiate (10 Gbps) |
| RSTP | Enabled (Forwarding) |
| Port schedule | Unscheduled |
| Port isolation | Disabled |
| Trusted DAI | Disabled |
| UDLD | Alert only |
| Tags | none |
| PoE | n/a |
| Port mirroring | Not mirroring traffic |
| Stacking port | Disabled |
and
We have a aggregate on port 2 on both switches that face my machine
| Port status | Enabled |
| Type | Trunk |
| Native VLAN | 666 |
| Allowed VLANs | 123 |
| Access policy | Open |
| Link negotiation | Auto negotiate (10 Gbps) |
| RSTP | Enabled (Forwarding) |
| Port schedule | Unscheduled |
| Port isolation | Disabled |
| Trusted DAI | Disabled |
| UDLD | Alert only |
| Tags | none |
| PoE | n/a |
| Port mirroring | Not mirroring traffic |
| Stacking port | Disabled |
if we do a switch reboot (eg reboot switch 1 or 2) , we are seeing a 30 second outage before the firewall interface on VLAN123 is available again , what we are expecting is almost a instant / 1-2 second outage
We made a change on the firewall side , changing it from Passive SLOW LACP to Passive FAST LACP
and it made a big improvement - approx 10 Second outage before the firewall interface is available again on switch reboot.
What we are trying to get to is normal ~1 second outage on a switch reboot - where the links fail to the other switch
please can you check if our Agg towards the firewall is configured as best practise ,
i suspect we may need to disable RSTP , and maybe some other aggregate settings - any help or assistance appreciated.as this is our first Meraki Switch Stack and we are struggling to find best practises on LACP Aggregates towards devices such as a firewall
thanks!
