Anyone have any experience deploying SW-HA with Ubiquiti switching
I've recently stepping into trying to get High Availability going. We currently have Ubiquiti unifi switches and APs. I've never really been a fan of the switches, but 10gbit on unifi is cheap, so here we are.
NSa2700 + HA unit, both x1 and x2 (different ISPs) from both units plugged into a Cisco CBS350 8MGP-2x switch for my WAN switch, with each ISP having their own vLAN on that switch plus a dedicated managment vLAN for us to access it from inside the network.
I've been using the x16 SFP+ port for my "LAN" port since first setting up the first 2700, over a year ago. There are a couple dozen vLAN sub-interfaces on this port. Both x16 SFP+ ports from each respective 2700 plug into a Unifi USW-Pro-48 switch's SFP+ ports (well, two of them) and last but not least, the HA Control link and HA data link are both set to x18 on both units, with a SFP+ DAC cable connecting them.
My issue is that I have random packet loss between networks, between this site (HQ) and other sites accessing services inside HQ through VPNs, and the Unifi controller thinking the SonicWall is physically connected to any random port somewhere on the many switches.....but only for certain vLANs. I have also setup primary/secondary monitoring IPs in the HA settings, and sometimes the x.x.x.1 gateway plus the two x.x.x.253 and x.x.x.254 will all appear, but sometimes one of those monitoring IPs will disappear from Unifi's ARP table (if that's what you want to call it) completely.
Havoc ensues. Its like the HA setup creates a slow-growing broadcast storm that is not detected or reported anywhere.
Anyone else using Unifi switching and successfully have SonicWall HA working with it? We were planning on rolling out HA to all other locations once HQ was complete, but this is such a shidshow that I have my doubts.
I do have another, different model CBS350 switch coming so I can make that where the primary and secondary HA devices connect to on the inside, but am still troubleshooting this existing issue while I wait for that delivery.
Thanks for taking the time to read this, hopefully someone else has had and resolved a similar issue.