Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Does the configuration my ISP provided make sense? If so, how should I configure my Cisco switches to properly utilize the Bridge being implemented with a connection to the internet at each building?

Reply
Thread Tools

Does the configuration my ISP provided make sense? If so, how should I configure my Cisco switches to properly utilize the Bridge being implemented with a connection to the internet at each building?

 
 
calgden
Guest
Posts: n/a
 
      01-14-2007
Hi all,

I am quite new to the world of Networking and have just started a
new job which is smack dab in the middle of a major project. The goal
of this project is to migrate all physical server hardware to VmWare
virtual servers as well as migrate those new virtual servers to a
secure locations hosted by another company (Our ISP). My understanding
is that the future network is being provisioned based on the
requirement that we are able to failover to our head office in the case
of a major failure at either the remote host site or the connection
between the two buildings. Basically, the requirement that was stated
was that we shouldn't have to change the IP address of the servers when
we failover the servers (All virtual server images and data stored on
SAN and mirrored across to other building)

I have the questions, based on this info (Thanks in advance)
1. Does this configuration make sense ( I suppose it may be
too late to change the contract with the ISP
but I would like your opinions anyway.
Positives/Negatives) The reason I ask is that even with my
knowledge, something sounds fishy. Did we really have to
go with a bridged solution? Couldn't we
have created the same VLAN's (Utilizing the same subnets
on each side), and had routers NAT
the traffic between the sites??

2. How should I configure the local and remote core switches
to not only allow for traffic to flow
between the buildings but also allow for all outgoing
Internet traffic to flow through the local ISP
connection at each office. I would like to configure it
to keep traffic from traversing the pipe between
the offices wherever possible. (For example, can I have
the core switch at each location act as
the default gateway for the same VLAN/Subnet so that
traffic doesn't traverse the connection
just to find the route to another VLAN on the switch in
the same office?

FYI:
Existing Configuration at our head office:

Cisco 4510r - Acts as gateway for all current VLANS except DMZ -
Server, Workstation, VOIP etc
- Trunked connection to a switch on each floor (Cisco
3560)
- Trunked connection to existing Firewall (Netscreen
50) which is our access to the internet
- All servers connected to GB ports

NetScreen 50 - Has one port connecting to the ISP Router to Internet
- Has one port connecting to 4510 trunk port (For
all VLANS except DMZ)
- Has one port connecting to our 4510 (DMZ VLAN)
It is the DMZ VLAN's gateway

Cisco 3560 - All workstations and phones on each floor connected to
these devices

Future Configuration at our head office:

Cisco 4510r - Acts as gateway for all current VLANS except DMZ -
Server, Workstation, VOIP etc
- Trunked connection to a switch on each floor (Cisco
3560)
- Trunked connection to existing Firewall (Netscreen
50) which should be this offices access to
the internet.
- Trunked connection to ISP Switch for Bridge service
between buildings

NetScreen 50 - Has one port connecting to the ISP Router (ISP Managed
Device) to Internet
- Has one port connecting to 4510 trunk port (For
all VLANS except DMZ)
- Has one port connecting to our 4510 (DMZ VLAN)
It is the DMZ VLAN's gateway
- ISP Managed Device

Cisco 3560 - All workstations and phones on each floor connected to
these devices


Future Configuration at the new remote server hosting facility:

Cisco 3750 - Trunked connection to Firewall (Netscreen ??) which is
the remote locations access
to the internet. This will also be the incoming
connection for all SMTP traffic
- Trunked connection to the ISP managed switch for
Bridged service between the buildings
- All servers connected to this device

NetScreen ?? - Has one port connecting to the ISP Router to Internet
- Has one port connecting to 4510 trunk port (For
all VLANS except DMZ)
- Has one port connecting to our 4510 (DMZ VLAN)
It is the DMZ VLAN's gateway


Future Configuration for bridged services between sites:
While I don't have exact configuration information, the ISP has
explained that they have configured a bridged "service" allowing us to
extend all VLAN's to the other location. The only other info that they
have mentioned is that they are utilizing an ATM cloud.

I apologize if I have provided too much info for the questions. Again,
any assistance would be appreciated.

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Cisco Switches vs HP ProCurve Switches Greg Cisco 5 07-01-2013 01:48 AM
Re: How include a large array? Edward A. Falk C Programming 1 04-04-2013 08:07 PM
Multiplexing algorithms implemented in the CISCO ATM switches Aleksey.M.Panov@gmail.com Cisco 1 05-24-2008 03:18 PM
Does Free software make sense? URL provided. Mr Undeniably Sluttish NZ Computing 2 12-11-2005 09:55 PM
Traffic Across Wireless Bridge w/ 2 VLANs using 2 Cisco 2950 Switches? Jack Taugher Cisco 2 09-20-2005 05:49 AM



Advertisments