Hello, I am trying to avoid having any single points of failure. I plan to purchase 2x USW-Aggregation and 2x USW-Pro-24-PoE. The plan would be to have both Aggregation switches connected to each other, and each 24-port switch connected to both the aggregation switches and each other, with no single point of failure. I will not be using a UDM, UDM Pro or USG. The plan is just to configure them using VLANs and a non-UniFi firewall such as a Sophos XG. I can't find any information on using the aggregation switches in this way. Most examples are with only one. Any help will be appreciated. I have seen one suggestion of using and configuring RSTP; however, I have never done this before, and some advice on switch or port based RSTP configuration or settings on each device would be appreciated.
I don’t think UniFi supports Multi-chassis Link Aggregation Grouping (MLAG).
To avoid a single point of failure in the network, look into Layer 3 switching. Most smart switches are layer 2 and essentially collapsed core networks, combining the switching and routing in a single device. By going with L3, you gain network resilience; however, there is a cost for the equipment, as not all switches can run dedicated L3. Some of the UniFi switches are L3 capable. UniFi - USW: How to Enable L3 Routing on UniFi Switch – Ubiquiti Support and Help Center
Hello, I would simply want failover links from the 24-port PoE switches to the 8-port aggregate switches. So each 24-port switch would be connected to both 8-port Aggregate switches via a single 10GB link, and should a 10GB switch fail, the other route to the other 10GB switch would be used. Of course it would require physically unpatching endpoint devices from one switch to another, but this is okay.
I was not sure Ubiquiti offers core switches and distribution switches that allow for the scheme you attached above. I was looking for only two layers and not 3 as you have indicated, and as routing is dealt with by the Sophos FW, I was not really worried about layer 3 at the switch layer. I was planning simply to implement VLANs on the switches, with the Sophos having an interface on each VLAN/subnet defined. All devices on the switches will have their gateway as the Sophos device. The links between the switches simply need to be failover links with only one link being used at a time. Is this feasible with any combination of UniFi switches?
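Added example (not written by any poster in this thread, and not UniFi configuration): a simplified Python model of spanning-tree root-port selection on the six-link topology described in the first post, showing which links forward and what changes when one aggregation switch fails. The switch names, bridge priorities and the 10G/1G link speeds are assumptions; the path costs are the IEEE 802.1t long values.

```python
import heapq

COST_10G, COST_1G = 2000, 20000  # IEEE 802.1t long path costs

# Constructed topology: both aggregation switches linked, each 24-port
# switch uplinked to both, plus a link between the 24-port switches
# (assumed 1G here; link speeds are an assumption).
LINKS = {
    frozenset(("agg1", "agg2")): COST_10G,
    frozenset(("sw1", "agg1")): COST_10G,
    frozenset(("sw1", "agg2")): COST_10G,
    frozenset(("sw2", "agg1")): COST_10G,
    frozenset(("sw2", "agg2")): COST_10G,
    frozenset(("sw1", "sw2")): COST_1G,
}
# Assumed priorities: agg1 is the root, agg2 the backup root.
PRIORITY = {"agg1": 4096, "agg2": 8192, "sw1": 32768, "sw2": 32768}

def active_links(links, priority, failed=()):
    """Return (root, forwarding links) for the surviving bridges."""
    bridges = [b for b in priority if b not in failed]
    live = {l: c for l, c in links.items() if not (l & set(failed))}
    root = min(bridges, key=lambda b: (priority[b], b))  # lowest bridge ID wins
    dist, heap = {root: 0}, [(0, root)]                  # root path cost per bridge
    while heap:
        d, b = heapq.heappop(heap)
        if d > dist[b]:
            continue
        for link, cost in live.items():
            if b in link:
                (n,) = link - {b}
                if d + cost < dist.get(n, float("inf")):
                    dist[n] = d + cost
                    heapq.heappush(heap, (d + cost, n))
    forwarding = set()
    for b in bridges:
        if b == root or b not in dist:
            continue
        # Root port: lowest root path cost, tie broken by neighbour bridge ID.
        cands = [(dist[n] + c, priority[n], n, l)
                 for l, c in live.items() if b in l for (n,) in [l - {b}]]
        forwarding.add(min(cands, key=lambda x: x[:3])[3])
    return root, forwarding

def blocked_links(links, priority, failed=()):
    """Surviving links that carry no traffic (one end is an alternate port)."""
    live = {l for l in links if not (l & set(failed))}
    return live - active_links(links, priority, failed)[1]
```

In this model only one path per switch is active at a time, and the blocked uplinks to `agg2` take over when `agg1` is marked as failed.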