[afnog] Kindly recommend best step to take.
Phil Regnauld
regnauld at nsrc.org
Thu Apr 17 13:16:59 UTC 2014
Ikemefuna Odiachi. (i.odiachi) writes:
>
> Requirement:
> All 3 Vendors will drop 1x E1 modem and 1x router as CPE at the HQ DC
> I need to integrate the 3 WAN links so that the entire WAN is centrally managed/provisioned from a single core network device
Hi Odiachi,
You mean: each vendor will terminate a link to your premises, to aggregate
their "share" of the 340 locations ? Or will they each bring a router ?
How will each of the 340 locations be presented to you ? VLAN ? other ?
Or will you have to point statics down to each vendor's WAN aggregation
point ? Or will you see each of the IP of the remote location's router ?
(will this be L3, or L2, basically).
> My asks:
> 1. Which network device would you recommend to do this (aggregation router, multi-layer switch)?
How much inter-site trafic do you expect ? Or will it all be mostly to
and from Internet and core services/servers ?
Cisco ASR comes to mind, or even a beefy Linux/UNIX box, depending on
the throughput.
> 2. If this is unavailable, do you agree that we can use a Cyberoam UTM (CR2500iNG-XP) to perform this aggregation? (We are looking to do this with a default route set up from each of the 3 WAN routers to the Cyberoam)
I would definitely leave the security part upstream, and not mix those two
layers. To be honest, I don't know the Cyberoam, but I would keep routing
and firewall separate, to make things easier to debug. There may be
restrictions in throughput via licensing or simply filtering/inspection
performance.
Cheers,
Phil
More information about the afnog
mailing list