07-17-2024 09:44 PM
Greetings,
I am looking for insight on the best way to configure a new site that is being built within the same vicinity as the current building I am in.
So, in the current infrastructure, there exists a Layer 3 switch that has multiple interface VLANs for the Layer 3 routing that occurs on the device itself. This Layer 3 switch also holds a route that points to our firewall. Most of the other switches that are attached to this are just operating as Layer 2 access switches.
Within the new building, there will exist a newly built data center that will include its own ISP and set of firewalls. It would be ideal for this to operate on the same network so that we would not have to build out new IP address schemas and VLANs. So, with that said we are currently considering running fiber directly from the data center there to the existing building. The idea was to connect the two distribution switches via a trunk link. My problem with this comes with the fact that it was requested that these two buildings could operate independently if the fiber link was broken as well.
I was thinking that it may be possible to create interface VLANs on each of the switches with the same IP addresses so that routing could take place to each independent firewall, but I feel like that may cause an IP conflict.
So long story short, my question is, what is the best way to accomplish this and still retain the independence of the buildings?
07-17-2024 10:24 PM
Hello!
With your current deployment, having L3 on both switches is not possible. The only way that comes to mind is using EVPN/VXLAN between buildings (having anycast GWs), but I assume that will complicate your current design. I would suggest you prepare a new IP address schema/VLANs and have an interconnecting segment between buildings/routing. You will avoid any future problems like L2 loops.
BR
07-19-2024 08:32 AM
Hello,
Thank you for the reply. After further thought into this topology, that makes the most sense. I'm just going to route the traffic from one building to another so they can still talk but keep the IP schemas and VLANs separate.
Thank you,
DM
07-18-2024 05:52 AM
We need to see the topology to see what the issue is here.
MHM