I'm a sysadmin tasked with finding a managed service provider or networking contractor to build out our new colo space networking. I'm hoping to get some input to make sure I don't sound like an idiot when contacting them about this, and to make sure I go into these calls with at least some basic understanding of what we need so that we don't get oversold.
Our new colo space has 2x connections coming into our rack from our provider - these will be used as redundant uplinks.
We are bringing our own /24s -- our provider will announce our IP blocks and then statically route our IP space to one of the usable IP address in the /29 range they supply.
Aside from bringing our own /24s and the redundancy between the two uplinks, our needs are fairly basic - we have our private network on a totally separate switch, so this is basically one big public network for our rack to reach the internet.
Our provider says we must have a layer 2 switch between their equipment and our routers for the FHRP frames to negotiate the proper active/standby state. (Our plan at this point is to use VRRP, but we do have the option to use BGP instead.) SUICEL
From what I can tell, it seems like a Cisco SX550X class switch would do the job for us since it is a layer 2 and layer 3 switch. (I'm comfortable with port numbers and speeds, backplane, etc. - it is the networking/routing side that I'm unsure about.)
And then if all we need are the 2x Cisco switches, would VRRP just need to have the Virtual IP (the one that floats to whatever switch is in the primary role) set to the IP where our provider is routing our /24s? Is anything else needed to get access to our /24s?
We're not using any kind of address translation, so I assume we don't need a firewall (at least not forthe routing/networkingto work).
This may be a bit late for you but by the sounds of it you are installing 2 routers in your cab, the provider has allocated you a /29 and will use one of those IPs as the next hop IP so you want this to be a VRRP VIP in which case you need switches between your routers and the provider equipment ?
I work in a DC and to be honest the last thing we allow for colos are connections from L2 switches, we always insist on a L3 boundary between the colo and our equipment but I guess everyone does it differently.
Personally if I had my own public addressing I would take the BGP option and instead of a /29 from the provider take 2 x /30 one to each provider core device (assuming that is on offer).
You can then advertise your BGP networks to them and have control over which paths traffic takes in and out of your cab as it sounds like you have multiple /24s (I am assuming you have your own ASN as well).
If you didn't want to do that then yes you basically just need 2 L2 switches (nothing fancy) so your router's WAN interfaces can exchange VRRP messages and the provider would route to that VIP.
はじめに確認方法Version による Application name の変更について備考参考情報 はじめに本ドキュメントでは Cisco SD-WAN における Policy 上で設定可能な Application を確認する方法について記載しています。 確認方法サポートされている Application name についてはご使用されている vManage へ API を呼び出して確認することが可能です。https://<IP or FQDN>/...
DMVPN (Dynamic Multipoint VPN) Introduced by Cisco in late 2000 is a routing technology you can use to build a VPN network with multiple sites (spokes) without having to statically configure all devices. It’s a “hub and spoke” network, where the spok...
On 24th August 2021, Cisco announced the latest IOS XE release - Cisco IOS XE Bengaluru 17.6.1a
IOS XE 17.6.1a unlocks various routing features and enhancements comprehensively covering different technology segments such as voice, security,...
DMVPN (Dynamic Multipoint VPN) Introduced by Cisco in late 2000 is a routing technology you can use to build a VPN network with multiple sites (spokes) without having to statically configure all devices. It’s a “hub and spoke” network, where th...
SummaryRequirementsConfiguration StepsVerificationFAQTroubleshootingReferences & Tools
In the past when IOS 12.x was hot stuff we used MD5 to authenticate OSPF neighbors. This worked great on ethernet networks because OSPF is a m...