Hi Henning,
I agree, that's why I spent a long time trying to get all the switches
configured correctly. And whilst it is rare, sadly one of our providers
in particular just outright refuses to enable port-fast as they don't
trust all their colo members (kinda don't blame them).
I also don't want to put another switch (or 2 so no single point of
failure) in-between our firewalls and the providers WAN switches.
At least thanks to Stuart's suggestion most of our issues are now
resolved and we'll just have to live with the issue of a backup firewall
taking over when a cable is plugged back in/WAN provider
resets/kills/asserts/misconfigures one of their WAN switches (we have
redundant connections across their switch fabric).
Cheers, Andy.
On 23/07/13 10:34, Henning Brauer wrote:
* Andy <a...@brandwatch.com> [2013-07-22 13:14]:
None the less I'm surprised that no one else has any thoughts on
this when it has been discussed several times before.
the solution is to fix the switch config, not to come up with stupid
("works most of the time in most cases" - that's the microsoft/apple
definition of "works", but not good enough here) workarounds.
It would be /very/ easy to resolve (by someone with talent and
experience of the code base ;) and would aid the stability of
OpenBSD greatly (in an operational sense), as the knock on effects
this has really affect sasyncd, openbgpd and openospfd to name to
the ones I have problems with when a cable is pulled/NIC reset etc.
you are attributing your issues to the wrong party.
