I would need some recommendations for the failover settings at NIC Teaming for ESXi 7.
I have following Hardware:
- Server with two phsyical NIC's (ESXi 7)
- Firewall-Cluster (2 physical FW) in active/passive (master/slave) mode - the passive/slave Firewall has also an "uplink" on his ports, but not respondig to any packets
- NIC1 of Server directly connected to FW1
- NIC2 of Server direclty connected to FW2
Now I want to creating a teaming with failover, in case one Firewall fails or the master/slave changes between the two firewalls. Let's talk about the case "master/slave changes between the two firewalls" (e.g. reboot or monitored WAN-Interfaces fails => causes a master/slave change on the FW-Cluster).
My settings for the vSwitch0:
I have set the "load balacing" to "use explicit failover order" and the "network failover detection" to "beacon only" (because the slave/passive FW has always an uplink on the port). Then I have to set both NICs at "failover order" to "active" (active/passive will not work in case of a change of master/slave Firewall).
Setting for the Management Network:
On the MGMT-Network Port I have configured to "inherit from vSwitch" where possible. Then I have set "override failover order = yes". And now it doesn't matter if I set "failover order" to "active/active" oder "active/passive". That means basically it is working as expected - If I reboot FW1 (master) then the FW2 becomes the new master. I'm able to reach the ESXi throug web-interface. Also if FW1 comes up again (now the slave) it is working (I think because vSwitch0 is set active/active - otherwise it isn't working).
I haven't found an explaination example for my case (passive FW has also an uplink on his ports).
Now my Questions are: Why doesn't it matter if I configure the MGMT-Network to active/active or active/passive? Is there anything to consider - are there cases where I can get troubles with specific settings? What are the recommended settings for this case?