06-17-2014 07:48 AM
We are planning a setup to bring in a second 7210 controller so we can HA our current system. I am trying to decide what the best route for a network setup is.
Currently We have a 7210 that is connected to 2 different Switches in our Main Stack (Mobility Switches 2500 48 Port). There is not currently a connection to our Palo Alto FW that we use for our routing as well.
My first question is, would it be best practice to use a port on the Controller to connect straight to the FW/Router?
Currently the Firewall is connected to two switches in the main stack. So all wireless traffic goes back to the controller, then has to go back out onto the switches to hit the firewall to route. Is this creating more traffic than we really need?
My Second Question, Is it best practices to connect my second Controller to two different switches? I know generally the Mesh approach adds more redundancy, but since we do not have the capacity to fully mesh BOTH controllers, would it be in our best interest to choose seperate switches for the failover? Would it cause any networking issues?
I looked at a few VRDs but our setup is slightly different since we aren't really using the L3 abilities of the Controllers.